CVE-2020-19316: OS Command Injection
First published: Mon Dec 20 2021(Updated: )
OS Command injection vulnerability in function link in Filesystem.php in Laravel Framework before 5.8.17.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Laravel Framework | <5.8.17 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-19316?
The severity of CVE-2020-19316 is high with a CVSS score of 8.8.
How does the OS Command injection vulnerability in function link in Filesystem.php occur?
The OS Command injection vulnerability in function link in Filesystem.php occurs due to insufficient input validation, allowing an attacker to execute arbitrary commands on the target system.
Which software versions are affected by CVE-2020-19316?
CVE-2020-19316 affects Laravel Framework versions before 5.8.17.
How can I fix the OS Command injection vulnerability in Laravel Framework?
To fix the OS Command injection vulnerability in Laravel Framework, update to version 5.8.17 or later.
Where can I find more information about CVE-2020-19316?
You can find more information about CVE-2020-19316 at http://www.netbytesec.com/advisories/OSCommandInjectionInLaravelFramework/ and https://github.com/laravel/framework/commit/44c3feb604944599ad1c782a9942981c3991fa31.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/last-modified-date
- agent/remedy
- collector/mitre-cve
- source/MITRE
- vendor/laravel
- canonical/laravel framework
- vendor/microsoft
- canonical/microsoft windows