Laravel · Laravel Nova · CVE-2020-36950
**Name of the Vulnerable Software and Affected Versions**
Laravel Nova version 3.7.0
**Description**
Laravel Nova version 3.7.0 has a condition that allows authenticated users to cause a denial of service. This occurs by manipulating the `range` parameter and sending requests with a very large value, which can overwhelm the server and cause it to crash.
**Recommendations**
Apply a fix that appropriately validates and limits the acceptable values for the `range` parameter.