Search for packages
| purl | pkg:composer/cakephp/cakephp@3.1.0-RC1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2ggf-ncwr-tkea
Aliases: CVE-2019-11458 GHSA-qhrx-hcm6-pmrw |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
|
VCID-e42e-y1zv-4yem
Aliases: CVE-2016-4793 GHSA-j8p3-8m69-2hqq |
Improper Input Validation The `clientIp` function in CakePHP allows remote attackers to spoof their IP via the `CLIENT-IP` HTTP header. |
Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-k87k-gfb3-vbab | Unsafe view template filenames result in a Remote File Inclusion vulnerability. |
GMS-2015-41
|
| VCID-tyh8-9qqj-tfdt | PHP Remote File Inclusion Remote File Inclusion through View template name manipulation. |
GMS-2015-64
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-31T10:01:03.163118+00:00 | GitLab Importer | Affected by | VCID-2ggf-ncwr-tkea | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/cakephp/cakephp/CVE-2019-11458.yml | 38.6.0 |
| 2026-05-31T09:37:45.522023+00:00 | GitLab Importer | Affected by | VCID-e42e-y1zv-4yem | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/cakephp/cakephp/CVE-2016-4793.yml | 38.6.0 |
| 2026-05-31T09:34:35.793641+00:00 | GitLab Importer | Fixing | VCID-k87k-gfb3-vbab | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/cakephp/cakephp/GMS-2015-41.yml | 38.6.0 |
| 2026-05-31T09:34:35.531729+00:00 | GitLab Importer | Fixing | VCID-tyh8-9qqj-tfdt | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/cakephp/cakephp/GMS-2015-64.yml | 38.6.0 |