High severityNVD Advisory· Published Sep 4, 2020· Updated Aug 4, 2024
CVE-2020-24941
CVE-2020-24941
Description
An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24.0. The $guarded property is mishandled in some situations involving requests with JSON column nesting expressions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
laravel/frameworkPackagist | < 6.18.35 | 6.18.35 |
laravel/frameworkPackagist | >= 7.0.0, < 7.24.0 | 7.24.0 |
Affected products
3- Laravel/Laraveldescription
- osv-coords2 versions
< 6.18.35+ 1 more
- (no CPE)range: < 6.18.35
- (no CPE)range: < 6.18.35
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-w68r-5p45-5rqpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-24941ghsaADVISORY
- blog.laravel.com/security-release-laravel-61835-7240ghsax_refsource_MISCWEB
- github.com/laravel/framework/commit/897d107775737a958dbd0b2f3ea37877c7526371ghsaWEB
News mentions
0No linked articles in our index yet.