GHSA-6jvx-8ch9-j2jr: Laravel Cookie serialization vulnerability

May 15, 2024

Laravel 5.6.30 is a security release of Laravel and is recommended as an immediate upgrade for all users. Laravel 5.6.30 also contains a breaking change to cookie encryption and serialization logic. Refer to laravel advisory for more details and read the notes carefully when upgrading your application.

References

github.com/FriendsOfPHP/security-advisories/blob/master/laravel/framework/2018-08-08-1.yaml
github.com/advisories/GHSA-6jvx-8ch9-j2jr
github.com/laravel/framework
laravel.com/docs/5.6/upgrade

Code Behaviors & Features

Detect and mitigate GHSA-6jvx-8ch9-j2jr with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →