Get expert guidance in a few days with a Laravel code review

Blog Tutorials Packages Newsletter Podcasts

Partners Links Your Account

Important Laravel Security Updates

Published on July 28th, 2020 by Paul Redmond

Important Laravel Security Updates image

The Laravel team released an important security update for Laravel 6 (v6.18.27) and Laravel 7 (v7.22.0) with a planned security release for Laravel 5.5 LTS forthcoming. You should update your applications to the latest patch releases as soon as possible, especially if you’re using the “cookie” session driver.

SECURITY: Laravel 6.18.27 and 7.22.0 have been released with a security related patch. All Laravel users should upgrade to these versions as soon as possible. https://t.co/uqtulq4H3f

— Laravel (@laravelphp) July 27, 2020

Laravel 6 is the current LTS version of Laravel. However, the previous LTS 5.5 version will receive essential security updates through the end of August 2020.

Laravel 5.5. users should avoid using the “cookie” session driver in production immediately:

Since we have not yet released a security release for the Laravel 5.5 version of the framework, we recommend that all applications running Laravel 5.5 and earlier do not use the “cookie” session driver in their production deployments.

Further details are available on the Laravel Blog.

Staff writer at Laravel News. Full stack web developer and author.

Github

Filed in:

News

Cube

Laravel Newsletter

Join 40k+ other developers and never miss out on new tips, tutorials, and more.

Cube

Laravel Jobs

Explore hundreds of open positions today.

Technical Support Engineer (USA/EMEA - Remote)

Senior Laravel Backend Developer (m/f/x)

Senior PHP Laravel Engineer

Senior Laravel Developer - Product Lead

Senior AI-Augmented Engineer (Laravel 12 + Agentic Workflows) - Remote

Tinkerwell

Enjoy coding and debugging in an editor designed for fast feedback and quick iterations. It's like a shell for your application – but with multi-line editing, code completion, and more.

Partners

View all →

Supercharge your project with a seasoned Laravel developer with 4-6 years of experience for just $3200/month. Get 160 hours of dedicated expertise & a risk-free 15-day trial. Schedule a call now!

The must-have code runner for Laravel developers. Tinker with AI, autocompletion and instant feedback on local and production environments.

Expert code review! Get clear, practical feedback from two Laravel devs with 10+ years of experience helping teams build better apps.

Providing innovation and stability to ensure your web application succeeds.

Running an old Laravel version? Instant, automated Laravel upgrades and code modernization to keep your applications fresh.

The next generation time-tracking and billing software that helps your agency plan and forecast a profitable future.

Get Lucky Now - the ideal choice for Laravel Development, with over a decade of experience!

SaaSykit is a Multi-tenant Laravel SaaS Starter Kit that comes with all features required to run a modern SaaS. Payments, Beautiful Checkout, Admin Panel, User dashboard, Auth, Ready Components, Stats, Blog, Docs and more.

The latest

View all →

Single Table Inheritance for Eloquent Models Using Parental image

Single Table Inheritance for Eloquent Models Using Parental

Laravel Live Denmark Returns to Copenhagen in August 2026 image

Laravel Live Denmark Returns to Copenhagen in August 2026

Generate Secure, Memorable Passphrases in PHP with PHP Passphrase image

Generate Secure, Memorable Passphrases in PHP with PHP Passphrase

FrankenPHP v1.11.2 Released With 30% Faster CGO, 40% Faster GC, and Security Patches image

FrankenPHP v1.11.2 Released With 30% Faster CGO, 40% Faster GC, and Security Patches

Capture Web Page Screenshots in Laravel with Spatie's Laravel Screenshot image

Capture Web Page Screenshots in Laravel with Spatie's Laravel Screenshot

Nimbus: An In-Browser API Testing Playground for Laravel image

Nimbus: An In-Browser API Testing Playground for Laravel