Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/54916?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/54916?format=api", "purl": "pkg:composer/silverstripe/framework@3.6.3", "type": "composer", "namespace": "silverstripe", "name": "framework", "version": "3.6.3", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.6.6", "latest_non_vulnerable_version": "5.3.23", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55022?format=api", "vulnerability_id": "VCID-37d1-tt74-yyfm", "summary": "silverstripe/framework users inadvertently passing sensitive data to LoginAttempt\nAll user login attempts are logged in the database in the LoginAttempt table. However, this table contains information in plain text, and may possible contain sensitive information, such as user passwords mis-typed into the username field.\n\nIn order to address this a one-way hash is applied to the Email field before being stored.", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-009-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-009-1.yaml" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/3e2bcaa0b49277ff7f7004b265a7fa80d0b92e5c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/3e2bcaa0b49277ff7f7004b265a7fa80d0b92e5c" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/c5d6eb816d4ac5e9fa3d8bc4bd82de95719eb22d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/c5d6eb816d4ac5e9fa3d8bc4bd82de95719eb22d" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/f1dd3d6f03eb1d94c29c495994a1da9176a758d9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/f1dd3d6f03eb1d94c29c495994a1da9176a758d9" }, { "reference_url": "https://www.silverstripe.org/download/security-releases/ss-2017-009", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.silverstripe.org/download/security-releases/ss-2017-009" }, { "reference_url": "https://github.com/advisories/GHSA-ph62-fv59-vf9h", "reference_id": "GHSA-ph62-fv59-vf9h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-ph62-fv59-vf9h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54915?format=api", "purl": "pkg:composer/silverstripe/framework@3.5.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/54916?format=api", "purl": "pkg:composer/silverstripe/framework@3.6.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54917?format=api", "purl": "pkg:composer/silverstripe/framework@4.0.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1" } ], "aliases": [ "GHSA-ph62-fv59-vf9h" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-37d1-tt74-yyfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55043?format=api", "vulnerability_id": "VCID-aygc-4nhm-n7eq", "summary": "silverstripe/framework SQL injection in full text search\nWhen performing a fulltext search in SilverStripe 4.0.0 the 'start' querystring parameter is never escaped safely. This exposes a possible SQL injection vulnerability.\n\nThe issue exists in 3.5 and 3.6 but is less vulnerable, as SearchForm sanitises these variables prior to passing to mysql.", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-008-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-008-1.yaml" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/099a5a3c2d99ed39bdd8815e1e2790bb9351770b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/099a5a3c2d99ed39bdd8815e1e2790bb9351770b" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/a8465900bdc77199176c953890ce7587045b1ea4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/a8465900bdc77199176c953890ce7587045b1ea4" }, { "reference_url": "https://www.silverstripe.org/download/security-releases/ss-2017-008", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.silverstripe.org/download/security-releases/ss-2017-008" }, { "reference_url": "https://github.com/advisories/GHSA-xx4r-5265-48j6", "reference_id": "GHSA-xx4r-5265-48j6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-xx4r-5265-48j6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54915?format=api", "purl": "pkg:composer/silverstripe/framework@3.5.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/54916?format=api", "purl": "pkg:composer/silverstripe/framework@3.6.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54917?format=api", "purl": "pkg:composer/silverstripe/framework@4.0.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1" } ], "aliases": [ "GHSA-xx4r-5265-48j6" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aygc-4nhm-n7eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55028?format=api", "vulnerability_id": "VCID-fm87-te3v-pkc8", "summary": "silverstripe/framework CSV Excel Macro Injection\nIn the CSV export feature of the CMS it's possible for the output to contain macros and scripts, which if imported without sanitisation into software (including Microsoft Excel) may be executed.\n\nIn order to safeguard against this threat all potentially executable cell values exported from CSV will be prepended with a literal tab character.", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-007-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-007-1.yaml" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/55739fa5af6171594b2cb4f3621d5fcce5e887d4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/55739fa5af6171594b2cb4f3621d5fcce5e887d4" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/cfe1d4f481bf53ea8da2b8608a563e207d923df9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/cfe1d4f481bf53ea8da2b8608a563e207d923df9" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/dd4c5417e7592e29e698af428b72bdb9b6729797", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/dd4c5417e7592e29e698af428b72bdb9b6729797" }, { "reference_url": "https://www.silverstripe.org/download/security-releases/ss-2017-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.silverstripe.org/download/security-releases/ss-2017-007" }, { "reference_url": "https://github.com/advisories/GHSA-mqjc-x563-c9q8", "reference_id": "GHSA-mqjc-x563-c9q8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-mqjc-x563-c9q8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54915?format=api", "purl": "pkg:composer/silverstripe/framework@3.5.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/54916?format=api", "purl": "pkg:composer/silverstripe/framework@3.6.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54917?format=api", "purl": "pkg:composer/silverstripe/framework@4.0.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1" } ], "aliases": [ "GHSA-mqjc-x563-c9q8" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fm87-te3v-pkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39336?format=api", "vulnerability_id": "VCID-qdwg-f2bx-1bay", "summary": "Injection Vulnerability\nIn the CSV export feature of SilverStripe, it is possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software.", "references": [ { "reference_url": "https://github.com/silverstripe/silverstripe-framework", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework" }, { "reference_url": "https://www.exploit-db.com/exploits/43396", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/43396" }, { "reference_url": "https://www.exploit-db.com/exploits/43396/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/43396/" }, { "reference_url": "https://www.silverstripe.org/download/security-releases/ss-2017-007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.silverstripe.org/download/security-releases/ss-2017-007" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18049", "reference_id": "CVE-2017-18049", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18049" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54915?format=api", "purl": "pkg:composer/silverstripe/framework@3.5.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/54916?format=api", "purl": "pkg:composer/silverstripe/framework@3.6.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54917?format=api", "purl": "pkg:composer/silverstripe/framework@4.0.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1" } ], "aliases": [ "CVE-2017-18049", "GHSA-2jvj-mhf2-g99w" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdwg-f2bx-1bay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55037?format=api", "vulnerability_id": "VCID-znbg-16r4-6ybg", "summary": "silverstripe/framework's User-Agent header not correctly invalidating user session\nA security protection device in Session designed to protect session hijacking was not correctly functioning. This function intended to protect user sessions by detecting changes in the User-Agent header, but modifications to this header were not correctly invalidating the user session.", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-006-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-006-1.yaml" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/44de03da0147e6094b02602b7b73d5b1a1306d78", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/44de03da0147e6094b02602b7b73d5b1a1306d78" }, { "reference_url": "https://github.com/silverstripe/silverstripe-framework/commit/d47667bb0768841e4b305fa95d5a4e2ba232c4ad", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/silverstripe/silverstripe-framework/commit/d47667bb0768841e4b305fa95d5a4e2ba232c4ad" }, { "reference_url": "https://www.silverstripe.org/download/security-releases/ss-2017-006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.silverstripe.org/download/security-releases/ss-2017-006" }, { "reference_url": "https://github.com/advisories/GHSA-4qx8-j9vh-2628", "reference_id": "GHSA-4qx8-j9vh-2628", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4qx8-j9vh-2628" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54915?format=api", "purl": "pkg:composer/silverstripe/framework@3.5.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.5.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/54916?format=api", "purl": "pkg:composer/silverstripe/framework@3.6.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.3" } ], "aliases": [ "GHSA-4qx8-j9vh-2628" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-znbg-16r4-6ybg" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@3.6.3" }