Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/laravel/framework@5.6.30
Typecomposer
Namespacelaravel
Nameframework
Version5.6.30
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.20.26
Latest_non_vulnerable_version12.1.1
Affected_by_vulnerabilities
0
url VCID-96p3-hbxp-duaz
vulnerability_id VCID-96p3-hbxp-duaz
summary 
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Laravel is a web application framework. Versions of Laravel before 6.20.11, 7.30.2 and 8.22.1 contain a query binding exploitation. This same exploit applies to the illuminate/database package which is used by Laravel. If a request is crafted where a field that is normally a non-array value is an array, and that input is not validated or cast to its expected type before being passed to the query builder, an unexpected number of query bindings can be added to the query. In some situations, this will simply lead to no results being returned by the query builder; however, it is possible certain queries could be affected in a way that causes the query to return unexpected results.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21263
reference_id
reference_type
scores
0
value 0.01139
scoring_system epss
scoring_elements 0.78748
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21263
1
reference_url https://blog.laravel.com/security-laravel-62011-7302-8221-released
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.laravel.com/security-laravel-62011-7302-8221-released
2
reference_url https://blog.laravel.com/security-laravel-62012-7303-released
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://blog.laravel.com/security-laravel-62012-7303-released
3
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/illuminate/database/CVE-2021-21263.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/illuminate/database/CVE-2021-21263.yaml
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/laravel/framework/CVE-2021-21263.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/laravel/framework/CVE-2021-21263.yaml
5
reference_url https://github.com/laravel/framework/pull/35865
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/laravel/framework/pull/35865
6
reference_url https://packagist.org/packages/illuminate/database
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/illuminate/database
7
reference_url https://packagist.org/packages/laravel/framework
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/laravel/framework
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980095
reference_id 980095
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980095
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-21263
reference_id CVE-2021-21263
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-21263
10
reference_url https://github.com/advisories/GHSA-3p32-j457-pg5x
reference_id GHSA-3p32-j457-pg5x
reference_type
scores
url https://github.com/advisories/GHSA-3p32-j457-pg5x
11
reference_url https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x
reference_id GHSA-3p32-j457-pg5x
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x
fixed_packages
0
url pkg:composer/laravel/framework@6.20.11
purl pkg:composer/laravel/framework@6.20.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96p3-hbxp-duaz
1
vulnerability VCID-wptp-4xv5-43du
2
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@6.20.11
1
url pkg:composer/laravel/framework@6.20.12
purl pkg:composer/laravel/framework@6.20.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wptp-4xv5-43du
1
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@6.20.12
2
url pkg:composer/laravel/framework@7.30.2
purl pkg:composer/laravel/framework@7.30.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96p3-hbxp-duaz
1
vulnerability VCID-wptp-4xv5-43du
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@7.30.2
3
url pkg:composer/laravel/framework@7.30.3
purl pkg:composer/laravel/framework@7.30.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wptp-4xv5-43du
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@7.30.3
4
url pkg:composer/laravel/framework@8.22.1
purl pkg:composer/laravel/framework@8.22.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-wptp-4xv5-43du
1
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@8.22.1
aliases CVE-2021-21263, GHSA-3p32-j457-pg5x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96p3-hbxp-duaz
1
url VCID-wptp-4xv5-43du
vulnerability_id VCID-wptp-4xv5-43du
summary 
Unexpected database bindings
This is a follow-up to the previous security advisory (GHSA-3p32-j457-pg5x) which addresses a few additional edge cases.

If a request is crafted where a field that is normally a non-array value is an array, and that input is not validated or cast to its expected type before being passed to the query builder, an unexpected number of query bindings can be added to the query. In some situations, this will simply lead to no results being returned by the query builder; however, it is possible certain queries could be affected in a way that causes the query to return unexpected results.
references
0
reference_url https://packagist.org/packages/illuminate/database
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/illuminate/database
1
reference_url https://packagist.org/packages/laravel/framework
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/laravel/framework
2
reference_url https://github.com/advisories/GHSA-3p32-j457-pg5x
reference_id GHSA-3p32-j457-pg5x
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3p32-j457-pg5x
3
reference_url https://github.com/advisories/GHSA-x7p5-p2c9-phvg
reference_id GHSA-x7p5-p2c9-phvg
reference_type
scores
url https://github.com/advisories/GHSA-x7p5-p2c9-phvg
4
reference_url https://github.com/laravel/framework/security/advisories/GHSA-x7p5-p2c9-phvg
reference_id GHSA-x7p5-p2c9-phvg
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/laravel/framework/security/advisories/GHSA-x7p5-p2c9-phvg
fixed_packages
0
url pkg:composer/laravel/framework@6.20.14
purl pkg:composer/laravel/framework@6.20.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@6.20.14
1
url pkg:composer/laravel/framework@7.30.4
purl pkg:composer/laravel/framework@7.30.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@7.30.4
2
url pkg:composer/laravel/framework@8.24.0
purl pkg:composer/laravel/framework@8.24.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@8.24.0
aliases GHSA-x7p5-p2c9-phvg, GMS-2021-114, GMS-2021-116
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wptp-4xv5-43du
2
url VCID-zj39-eevs-kug3
vulnerability_id VCID-zj39-eevs-kug3
summary 
SQL Server LIMIT / OFFSET SQL Injection in laravel/framework and illuminate/database
### Impact

Those using SQL Server with Laravel and allowing user input to be passed directly to the `limit` and `offset` functions is vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability.

### Patches

This problem has been patched on Laravel versions 6.20.26, 7.30.5, and 8.40.0.

### Workarounds

You may workaround this vulnerability by ensuring that only integers are passed to the `limit` and `offset` functions, as well as the `skip` and `take` functions.
references
0
reference_url https://github.com/laravel/framework
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/laravel/framework
1
reference_url https://packagist.org/packages/illuminate/database
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/illuminate/database
2
reference_url https://packagist.org/packages/laravel/framework
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://packagist.org/packages/laravel/framework
3
reference_url https://github.com/advisories/GHSA-4mg9-vhxq-vm7j
reference_id GHSA-4mg9-vhxq-vm7j
reference_type
scores
url https://github.com/advisories/GHSA-4mg9-vhxq-vm7j
4
reference_url https://github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j
reference_id GHSA-4mg9-vhxq-vm7j
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j
fixed_packages
0
url pkg:composer/laravel/framework@6.20.26
purl pkg:composer/laravel/framework@6.20.26
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@6.20.26
1
url pkg:composer/laravel/framework@8.40.0
purl pkg:composer/laravel/framework@8.40.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@8.40.0
aliases GHSA-4mg9-vhxq-vm7j, GMS-2021-113, GMS-2021-115
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zj39-eevs-kug3
Fixing_vulnerabilities
0
url VCID-1apm-fx9d-3ufe
vulnerability_id VCID-1apm-fx9d-3ufe
summary 
Laravel Framework RCE Vulnerability
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in `Illuminate/Encryption/Encrypter.php` and PendingBroadcast in `gadgetchains/Laravel/RCE/3/chain.php` in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack.
references
0
reference_url http://packetstormsecurity.com/files/153641/PHP-Laravel-Framework-Token-Unserialize-Remote-Command-Execution.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/153641/PHP-Laravel-Framework-Token-Unserialize-Remote-Command-Execution.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-15133
reference_id
reference_type
scores
0
value 0.84447
scoring_system epss
scoring_elements 0.99339
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-15133
2
reference_url https://github.com/kozmic/laravel-poc-CVE-2018-15133
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/kozmic/laravel-poc-CVE-2018-15133
3
reference_url https://github.com/laravel/framework
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/laravel/framework
4
reference_url https://github.com/laravel/framework/commit/d84cf988ed5d4661a4bf1fdcb08f5073835083a0
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/laravel/framework/commit/d84cf988ed5d4661a4bf1fdcb08f5073835083a0
5
reference_url https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-15133
reference_id CVE-2018-15133
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-15133
7
reference_url https://github.com/advisories/GHSA-qvqm-h22r-4cp9
reference_id GHSA-qvqm-h22r-4cp9
reference_type
scores
url https://github.com/advisories/GHSA-qvqm-h22r-4cp9
fixed_packages
0
url pkg:composer/laravel/framework@5.6.30
purl pkg:composer/laravel/framework@5.6.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96p3-hbxp-duaz
1
vulnerability VCID-wptp-4xv5-43du
2
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@5.6.30
aliases CVE-2018-15133, GHSA-qvqm-h22r-4cp9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1apm-fx9d-3ufe
1
url VCID-c1e9-2tyr-j3e9
vulnerability_id VCID-c1e9-2tyr-j3e9
summary 
Session Fixation
Cookie serialization vulnerability in laravel framework.
references
0
reference_url https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
reference_id
reference_type
scores
url https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
fixed_packages
0
url pkg:composer/laravel/framework@4.2.0-BETA1
purl pkg:composer/laravel/framework@4.2.0-BETA1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96p3-hbxp-duaz
1
vulnerability VCID-eqzu-3cmt-2ube
2
vulnerability VCID-t45c-4zgs-r7es
3
vulnerability VCID-wptp-4xv5-43du
4
vulnerability VCID-zg1j-9fvd-bqek
5
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@4.2.0-BETA1
1
url pkg:composer/laravel/framework@5.2.0-beta1
purl pkg:composer/laravel/framework@5.2.0-beta1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96p3-hbxp-duaz
1
vulnerability VCID-eqzu-3cmt-2ube
2
vulnerability VCID-t45c-4zgs-r7es
3
vulnerability VCID-wptp-4xv5-43du
4
vulnerability VCID-zg1j-9fvd-bqek
5
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@5.2.0-beta1
2
url pkg:composer/laravel/framework@5.3.0-RC1
purl pkg:composer/laravel/framework@5.3.0-RC1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96p3-hbxp-duaz
1
vulnerability VCID-eqzu-3cmt-2ube
2
vulnerability VCID-t45c-4zgs-r7es
3
vulnerability VCID-wptp-4xv5-43du
4
vulnerability VCID-zg1j-9fvd-bqek
5
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@5.3.0-RC1
3
url pkg:composer/laravel/framework@5.5.42
purl pkg:composer/laravel/framework@5.5.42
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96p3-hbxp-duaz
1
vulnerability VCID-wptp-4xv5-43du
2
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@5.5.42
4
url pkg:composer/laravel/framework@5.6.30
purl pkg:composer/laravel/framework@5.6.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96p3-hbxp-duaz
1
vulnerability VCID-wptp-4xv5-43du
2
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@5.6.30
5
url pkg:composer/laravel/framework@10.36.0
purl pkg:composer/laravel/framework@10.36.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@10.36.0
aliases GMS-2018-73
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1e9-2tyr-j3e9
2
url VCID-tvc5-aur6-v3dq
vulnerability_id VCID-tvc5-aur6-v3dq
summary 
Laravel Cookie serialization vulnerability
Laravel 5.6.30 is a security release of Laravel and is recommended as an immediate upgrade for all users. Laravel 5.6.30 also contains a breaking change to cookie encryption and serialization logic. Refer to [laravel advisory](https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30) for more details and read the notes carefully when upgrading your application.
references
0
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/laravel/framework/2018-08-08-1.yaml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/laravel/framework/2018-08-08-1.yaml
1
reference_url https://github.com/laravel/framework
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/laravel/framework
2
reference_url https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
3
reference_url https://github.com/advisories/GHSA-6jvx-8ch9-j2jr
reference_id GHSA-6jvx-8ch9-j2jr
reference_type
scores
url https://github.com/advisories/GHSA-6jvx-8ch9-j2jr
fixed_packages
0
url pkg:composer/laravel/framework@5.6.30
purl pkg:composer/laravel/framework@5.6.30
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-96p3-hbxp-duaz
1
vulnerability VCID-wptp-4xv5-43du
2
vulnerability VCID-zj39-eevs-kug3
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@5.6.30
aliases GHSA-6jvx-8ch9-j2jr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tvc5-aur6-v3dq
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@5.6.30