CVE-2024-52301
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-52301
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-52301.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-52301
- Aliases
- Downstream
- Published
- 2024-11-12T20:15:14Z
- Modified
- 2025-09-19T15:10:41.261146Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Laravel is a web application framework. When the registerargcargv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23, and 11.31.0. The framework now ignores argv values for environment detection on non-cli SAPIs.
- References
Affected packages
Git / github.com/laravel/framework
Affected ranges
- Type
- GIT
- Repo
- https://github.com/laravel/framework
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
5.*
5.0.30
5.2.41
5.3
v4.*
v4.0.0
v4.0.0-BETA2
v4.0.0-BETA3
v4.0.0-BETA4
v4.0.1
v4.0.10
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.6
v4.0.7
v4.0.8
v4.0.9
v4.1.0
v4.1.1
v4.1.10
v4.1.11
v4.1.12
v4.1.13
v4.1.14
v4.1.15
v4.1.16
v4.1.17
v4.1.18
v4.1.19
v4.1.2
v4.1.20
v4.1.21
v4.1.22
v4.1.23
v4.1.24
v4.1.25
v4.1.26
v4.1.27
v4.1.28
v4.1.29
v4.1.3
v4.1.30
v4.1.4
v4.1.5
v4.1.6
v4.1.7
v4.1.8
v4.1.9
v4.2.0
v4.2.0-BETA1
v4.2.1
v4.2.10
v4.2.11
v4.2.12
v4.2.13
v4.2.14
v4.2.15
v4.2.16
v4.2.17
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.2.7
v4.2.8
v4.2.9
v5.*
v5.0.0
v5.0.1
v5.0.10
v5.0.11
v5.0.12
v5.0.13
v5.0.14
v5.0.15
v5.0.16
v5.0.17
v5.0.18
v5.0.19
v5.0.2
v5.0.20
v5.0.21
v5.0.22
v5.0.23
v5.0.24
v5.0.25
v5.0.26
v5.0.27
v5.0.28
v5.0.29
v5.0.3
v5.0.31
v5.0.32
v5.0.4
v5.0.5
v5.0.6
v5.0.7
v5.0.8
v5.0.9
v5.1.0
v5.1.1
v5.1.10
v5.1.11
v5.1.12
v5.1.13
v5.1.14
v5.1.15
v5.1.16
v5.1.17
v5.1.18
v5.1.19
v5.1.2
v5.1.20
v5.1.21
v5.1.22
v5.1.23
v5.1.24
v5.1.25
v5.1.26
v5.1.27
v5.1.28
v5.1.29
v5.1.3
v5.1.30
v5.1.31
v5.1.32
v5.1.33
v5.1.34
v5.1.35
v5.1.36
v5.1.37
v5.1.38
v5.1.39
v5.1.4
v5.1.40
v5.1.41
v5.1.42
v5.1.43
v5.1.44
v5.1.45
v5.1.5
v5.1.6
v5.1.7
v5.1.8
v5.1.9
v5.2.0
v5.2.0-beta1
v5.2.1
v5.2.10
v5.2.11
v5.2.12
v5.2.13
v5.2.14
v5.2.15
v5.2.16
v5.2.17
v5.2.18
v5.2.19
v5.2.2
v5.2.20
v5.2.21
v5.2.22
v5.2.23
v5.2.24
v5.2.25
v5.2.26
v5.2.27
v5.2.28
v5.2.29
v5.2.3
v5.2.30
v5.2.31
v5.2.32
v5.2.33
v5.2.34
v5.2.35
v5.2.36
v5.2.37
v5.2.38
v5.2.39
v5.2.4
v5.2.40
v5.2.42
v5.2.43
v5.2.44
v5.2.45
v5.2.5
v5.2.6
v5.2.7
v5.2.8
v5.2.9
v5.3.0
v5.3.0-RC1
v5.3.1
v5.3.10
v5.3.11
v5.3.12
v5.3.13
v5.3.14
v5.3.15
v5.3.16
v5.3.17
v5.3.18
v5.3.19
v5.3.2
v5.3.20
v5.3.21
v5.3.22
v5.3.23
v5.3.24
v5.3.25
v5.3.26
v5.3.27
v5.3.28
v5.3.29
v5.3.3
v5.3.30
v5.3.4
v5.3.5
v5.3.6
v5.3.7
v5.3.8
v5.3.9
v5.4.0
v5.4.1
v5.4.10
v5.4.11
v5.4.12
v5.4.13
v5.4.14
v5.4.15
v5.4.16
v5.4.17
v5.4.18
v5.4.19
v5.4.2
v5.4.20
v5.4.21
v5.4.22
v5.4.23
v5.4.24
v5.4.25
v5.4.26
v5.4.27
v5.4.28
v5.4.29
v5.4.3
v5.4.30
v5.4.31
v5.4.32
v5.4.33
v5.4.34
v5.4.35
v5.4.36
v5.4.4
v5.4.5
v5.4.6
v5.4.7
v5.4.8
v5.4.9
v5.5.0
v5.5.1
v5.5.10
v5.5.11
v5.5.12
v5.5.13
v5.5.14
v5.5.15
v5.5.16
v5.5.17
v5.5.18
v5.5.19
v5.5.2
v5.5.20
v5.5.21
v5.5.22
v5.5.23
v5.5.24
v5.5.25
v5.5.26
v5.5.27
v5.5.28
v5.5.29
v5.5.3
v5.5.30
v5.5.31
v5.5.32
v5.5.33
v5.5.34
v5.5.35
v5.5.36
v5.5.37
v5.5.38
v5.5.39
v5.5.4
v5.5.40
v5.5.41
v5.5.42
v5.5.43
v5.5.44
v5.5.45
v5.5.46
v5.5.47
v5.5.48
v5.5.49
v5.5.5
v5.5.6
v5.5.7
v5.5.8
v5.5.9
v5.6.0
v5.6.1
v5.6.10
v5.6.11
v5.6.12
v5.6.13
v5.6.14
v5.6.15
v5.6.16
v5.6.17
v5.6.18
v5.6.19
v5.6.2
v5.6.20
v5.6.21
v5.6.22
v5.6.23
v5.6.24
v5.6.25
v5.6.26
v5.6.27
v5.6.28
v5.6.29
v5.6.3
v5.6.30
v5.6.31
v5.6.32
v5.6.33
v5.6.34
v5.6.35
v5.6.36
v5.6.37
v5.6.38
v5.6.39
v5.6.4
v5.6.5
v5.6.6
v5.6.7
v5.6.8
v5.6.9
v5.7.0
v5.7.1
v5.7.10
v5.7.11
v5.7.12
v5.7.13
v5.7.14
v5.7.15
v5.7.16
v5.7.17
v5.7.18
v5.7.19
v5.7.2
v5.7.20
v5.7.21
v5.7.22
v5.7.23
v5.7.24
v5.7.25
v5.7.26
v5.7.27
v5.7.28
v5.7.3
v5.7.4
v5.7.5
v5.7.6
v5.7.7
v5.7.8
v5.7.9
v5.8.0
v5.8.1
v5.8.10
v5.8.11
v5.8.12
v5.8.13
v5.8.14
v5.8.15
v5.8.16
v5.8.17
v5.8.18
v5.8.19
v5.8.2
v5.8.20
v5.8.21
v5.8.22
v5.8.23
v5.8.24
v5.8.25
v5.8.26
v5.8.27
v5.8.28
v5.8.29
v5.8.3
v5.8.30
v5.8.31
v5.8.32
v5.8.33
v5.8.34
v5.8.35
v5.8.36
v5.8.37
v5.8.4
v5.8.5
v5.8.6
v5.8.7
v5.8.8
v5.8.9
v6.*
v6.0.0
v6.0.1
v6.0.2
v6.0.3
v6.0.4
v6.1.0
v6.10.0
v6.10.1
v6.11.0
v6.12.0
v6.13.0
v6.13.1
v6.14.0
v6.15.0
v6.15.1
v6.16.0
v6.17.0
v6.17.1
v6.18.0
v6.18.1
v6.18.10
v6.18.11
v6.18.12
v6.18.13
v6.18.14
v6.18.15
v6.18.16
v6.18.17
v6.18.18
v6.18.19
v6.18.2
v6.18.20
v6.18.21
v6.18.22
v6.18.23
v6.18.24
v6.18.25
v6.18.26
v6.18.27
v6.18.28
v6.18.29
v6.18.3
v6.18.30
v6.18.31
v6.18.32
v6.18.33
v6.18.34
v6.18.35
v6.18.36
v6.18.37
v6.18.38
v6.18.39
v6.18.4
v6.18.40
v6.18.41
v6.18.42
v6.18.43
v6.18.5
v6.18.6
v6.18.7
v6.18.8
v6.18.9
v6.19.0
v6.19.1
v6.2.0
v6.20.0
v6.20.1
v6.20.10
v6.20.11
v6.20.12
v6.20.13
v6.20.14
v6.20.15
v6.20.16
v6.20.17
v6.20.18
v6.20.19
v6.20.2
v6.20.20
v6.20.21
v6.20.22
v6.20.23
v6.20.24
v6.20.25
v6.20.26
v6.20.27
v6.20.28
v6.20.29
v6.20.3
v6.20.30
v6.20.31
v6.20.32
v6.20.33
v6.20.34
v6.20.35
v6.20.36
v6.20.37
v6.20.38
v6.20.39
v6.20.4
v6.20.40
v6.20.41
v6.20.42
v6.20.43
v6.20.44
v6.20.5
v6.20.6
v6.20.7
v6.20.8
v6.20.9
v6.3.0
v6.4.0
v6.4.1
v6.5.0
v6.5.1
v6.5.2
v6.6.0
v6.6.1
v6.6.2
v6.7.0
v6.8.0
v6.9.0