VYPR

Reverb

by Laravel

Source repositories

CVEs (2)

  • CVE-2024-50347MedOct 31, 2024
    risk 0.34cvss epss 0.00

    Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. Prior to 1.4.0, there is an issue where verification signatures for requests sent to Reverb's Pusher-compatible API were not being verified. This API is used in scenarios such as…

  • CVE-2026-23524Jan 21, 2026
    risk 0.00cvss epss 0.01

    Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. In versions 1.6.3 and below, Reverb passes data from the Redis channel directly into PHP’s unserialize() function without restricting which classes can be instantiated, which leaves…