[pkg-php-pear] Bug#1001333: php-illuminate-view: XSS vulnerability in the Blade templating engine

Robin Gustafsson robin at rgson.se
Wed Dec 8 20:38:48 GMT 2021

Package: php-illuminate-view
Version: 6.20.14+dfsg-2
Severity: important
Tags: upstream security
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>

Upstream has published a security advisory about an XSS vulnerability in
the Blade templating engine.

The issue has been fixed in upstream versions 6.20.42, 7.30.6 and 8.75.0.

[1] https://github.com/laravel/framework/security/advisories/GHSA-66hf-2p6w-jqfw
[2] https://github.com/FriendsOfPHP/security-advisories/pull/601
[3] https://nvd.nist.gov/vuln/detail/CVE-2021-43808

More information about the pkg-php-pear mailing list