Le 23/01/2021 à 18:49, David Prévot a écrit :
Package: php-illuminate-database Version: 5.7.27-1
[…]
A quick look at the php-illuminate-database code, as shipped in stable, makes me think that it is probably vulnerable to CVE-2021-21263 as fixed in 6.20.11
Also, since the CVE-2021-21263 fix was incomplete, upstream released another security update as 6.20.14.
https://github.com/laravel/framework/security/advisories/GHSA-x7p5-p2c9-phvg Regards David
