Today we have released a security patch for Laravel versions 6.x and 7.x. These releases have been released as Laravel 6.18.29 and 7.22.2. All Laravel users are encouraged to upgrade to these versions as soon as possible.
Upgrading to these versions will invalidate any existing cookies issued by your application; therefore, your application's users will need to re-authenticate.
Update: Passport 9.3.2 has been released in order to provide compatibility with this security release.