Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/silverstripe/framework@3.6.0-beta1
purl pkg:composer/silverstripe/framework@3.6.0-beta1
Next non-vulnerable version 3.7.5
Latest non-vulnerable version 5.3.23
Risk 3.1
Vulnerabilities affecting this package (11)
Vulnerability Summary Fixed by
VCID-3497-71mw-yqh8
Aliases:
CVE-2019-5715
GHSA-wvfw-w3x6-g526
SilverStripe allowss Reflected SQL Injection through Form and `DataObject`.
3.6.7
Affected by 9 other vulnerabilities.
3.7.3
Affected by 9 other vulnerabilities.
4.0.7
Affected by 9 other vulnerabilities.
4.1.5
Affected by 10 other vulnerabilities.
4.2.4
Affected by 10 other vulnerabilities.
4.3.1
Affected by 10 other vulnerabilities.
VCID-4mg2-rjsn-qyfx
Aliases:
CVE-2019-12203
GHSA-w7r7-r8r9-vrg2
3.6.8
Affected by 9 other vulnerabilities.
3.7.4
Affected by 9 other vulnerabilities.
4.3.4
Affected by 3 other vulnerabilities.
4.3.5
Affected by 2 other vulnerabilities.
4.4.4
Affected by 3 other vulnerabilities.
VCID-7kmy-8ht6-8fcw
Aliases:
CVE-2019-12245
GHSA-jvx5-rm6q-gx7p
3.6.8
Affected by 9 other vulnerabilities.
3.7.4
Affected by 9 other vulnerabilities.
4.3.4
Affected by 3 other vulnerabilities.
4.3.6
Affected by 0 other vulnerabilities.
4.4.4
Affected by 3 other vulnerabilities.
VCID-9vwe-uejx-c3c5
Aliases:
CVE-2019-12246
GHSA-5fr8-xhqq-4p3q
4.3.4
Affected by 3 other vulnerabilities.
4.4.0
Affected by 8 other vulnerabilities.
VCID-k1aa-deyg-2kdg
Aliases:
CVE-2019-14272
GHSA-jgw2-f5mx-rg7h
4.0.1-rc1
Affected by 10 other vulnerabilities.
4.0.1
Affected by 10 other vulnerabilities.
4.3.5
Affected by 2 other vulnerabilities.
4.4.4
Affected by 3 other vulnerabilities.
VCID-k6ed-y2ud-wffu
Aliases:
CVE-2019-14273
GHSA-43jj-2rwc-2m3f
4.0.1-rc1
Affected by 10 other vulnerabilities.
4.0.1
Affected by 10 other vulnerabilities.
4.3.5
Affected by 2 other vulnerabilities.
4.4.4
Affected by 3 other vulnerabilities.
VCID-m2bw-tabk-qyd8
Aliases:
CVE-2019-12617
GHSA-6r58-4xgr-gm6m
4.3.4
Affected by 3 other vulnerabilities.
4.3.5
Affected by 2 other vulnerabilities.
4.4.4
Affected by 3 other vulnerabilities.
VCID-tp75-2k7m-6yaw
Aliases:
CVE-2020-9311
GHSA-2pw2-qpcp-m47x
3.7.5
Affected by 0 other vulnerabilities.
VCID-vrv4-sy3z-jfe2
Aliases:
CVE-2017-14498
GHSA-j696-6m57-mcrv
Cross-site Scripting SilverStripe CMS has an XSS via an SVG document that is mishandled by (1) the Insert Media option in the content editor or (2) an `admin/assets/add` pathname.
3.6.1-alpha2
Affected by 11 other vulnerabilities.
3.6.1
Affected by 11 other vulnerabilities.
VCID-x6g5-a61e-3khu
Aliases:
CVE-2019-12205
GHSA-rfvw-5848-gxc5
4.3.4
Affected by 3 other vulnerabilities.
4.3.5
Affected by 2 other vulnerabilities.
4.4.4
Affected by 3 other vulnerabilities.
VCID-yxg1-dz91-ckgs
Aliases:
CVE-2019-12437
GHSA-fx37-56v6-85q6
Cross-Site Request Forgery (CSRF) Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL.
4.3.4
Affected by 3 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-01T05:49:52.124100+00:00 GitLab Importer Affected by VCID-tp75-2k7m-6yaw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2020-9311.yml 38.6.0
2026-05-31T10:02:54.766013+00:00 GitLab Importer Affected by VCID-yxg1-dz91-ckgs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12437.yml 38.6.0
2026-05-31T10:02:52.809705+00:00 GitLab Importer Affected by VCID-9vwe-uejx-c3c5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12246.yml 38.6.0
2026-05-31T09:59:33.659890+00:00 GitLab Importer Affected by VCID-k1aa-deyg-2kdg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-14272.yml 38.6.0
2026-05-31T09:59:32.586209+00:00 GitLab Importer Affected by VCID-k6ed-y2ud-wffu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-14273.yml 38.6.0
2026-05-31T09:59:31.781342+00:00 GitLab Importer Affected by VCID-m2bw-tabk-qyd8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12617.yml 38.6.0
2026-05-31T09:59:30.731179+00:00 GitLab Importer Affected by VCID-7kmy-8ht6-8fcw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12245.yml 38.6.0
2026-05-31T09:59:29.065266+00:00 GitLab Importer Affected by VCID-x6g5-a61e-3khu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12205.yml 38.6.0
2026-05-31T09:59:28.005082+00:00 GitLab Importer Affected by VCID-4mg2-rjsn-qyfx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12203.yml 38.6.0
2026-05-31T09:55:38.790782+00:00 GitLab Importer Affected by VCID-3497-71mw-yqh8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-5715.yml 38.6.0
2026-05-31T09:39:52.835982+00:00 GitLab Importer Affected by VCID-vrv4-sy3z-jfe2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2017-14498.yml 38.6.0