Package details: pkg:composer/silverstripe/framework@3.6.2-beta1
purl pkg:composer/silverstripe/framework@3.6.2-beta1
Next non-vulnerable version 4.3.5
Latest non-vulnerable version 5.2.16
Risk 3.1
Vulnerabilities affecting this package (10)
Vulnerability Summary Fixed by
VCID-3497-71mw-yqh8
Aliases:
CVE-2019-5715
GHSA-wvfw-w3x6-g526
SilverStripe allows Reflected SQL Injection through Form and `DataObject`.
3.6.7
Affected by 8 other vulnerabilities.
3.7.3
Affected by 8 other vulnerabilities.
4.0.7
Affected by 7 other vulnerabilities.
4.1.5
Affected by 8 other vulnerabilities.
4.2.4
Affected by 8 other vulnerabilities.
4.3.1
Affected by 8 other vulnerabilities.
VCID-4mg2-rjsn-qyfx
Aliases:
CVE-2019-12203
GHSA-w7r7-r8r9-vrg2
3.6.8
Affected by 8 other vulnerabilities.
3.7.4
Affected by 8 other vulnerabilities.
4.3.4
Affected by 1 other vulnerability.
4.3.5
Affected by 0 other vulnerabilities.
4.4.4
Affected by 1 other vulnerability.
VCID-7kmy-8ht6-8fcw
Aliases:
CVE-2019-12245
GHSA-jvx5-rm6q-gx7p
3.6.8
Affected by 8 other vulnerabilities.
3.7.4
Affected by 8 other vulnerabilities.
4.3.4
Affected by 1 other vulnerability.
4.3.6
Affected by 0 other vulnerabilities.
4.4.4
Affected by 1 other vulnerability.
VCID-9vwe-uejx-c3c5
Aliases:
CVE-2019-12246
GHSA-5fr8-xhqq-4p3q
4.3.4
Affected by 1 other vulnerability.
4.4.0
Affected by 6 other vulnerabilities.
VCID-k1aa-deyg-2kdg
Aliases:
CVE-2019-14272
GHSA-jgw2-f5mx-rg7h
4.0.1-rc1
Affected by 8 other vulnerabilities.
4.3.5
Affected by 0 other vulnerabilities.
4.4.4
Affected by 1 other vulnerability.
VCID-k6ed-y2ud-wffu
Aliases:
CVE-2019-14273
GHSA-43jj-2rwc-2m3f
4.0.1-rc1
Affected by 8 other vulnerabilities.
4.3.5
Affected by 0 other vulnerabilities.
4.4.4
Affected by 1 other vulnerability.
VCID-m2bw-tabk-qyd8
Aliases:
CVE-2019-12617
GHSA-6r58-4xgr-gm6m
4.3.4
Affected by 1 other vulnerability.
4.3.5
Affected by 0 other vulnerabilities.
4.4.4
Affected by 1 other vulnerability.
VCID-pq7w-n99a-q7cj
Aliases:
CVE-2017-18049
GHSA-2jvj-mhf2-g99w
Injection Vulnerability: In the CSV export feature of SilverStripe, it is possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software.
3.6.3-rc2
Affected by 9 other vulnerabilities.
3.6.3
Affected by 9 other vulnerabilities.
4.0.1-rc1
Affected by 8 other vulnerabilities.
4.0.1
Affected by 8 other vulnerabilities.
VCID-x6g5-a61e-3khu
Aliases:
CVE-2019-12205
GHSA-rfvw-5848-gxc5
4.3.4
Affected by 1 other vulnerability.
4.3.5
Affected by 0 other vulnerabilities.
4.4.4
Affected by 1 other vulnerability.
VCID-yxg1-dz91-ckgs
Aliases:
CVE-2019-12437
GHSA-fx37-56v6-85q6
Cross-Site Request Forgery (CSRF): Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL.
4.3.4
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-31T10:02:54.782989+00:00 GitLab Importer Affected by VCID-yxg1-dz91-ckgs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12437.yml 38.6.0
2026-05-31T10:02:52.821054+00:00 GitLab Importer Affected by VCID-9vwe-uejx-c3c5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12246.yml 38.6.0
2026-05-31T09:59:33.670933+00:00 GitLab Importer Affected by VCID-k1aa-deyg-2kdg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-14272.yml 38.6.0
2026-05-31T09:59:32.598614+00:00 GitLab Importer Affected by VCID-k6ed-y2ud-wffu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-14273.yml 38.6.0
2026-05-31T09:59:31.797366+00:00 GitLab Importer Affected by VCID-m2bw-tabk-qyd8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12617.yml 38.6.0
2026-05-31T09:59:30.745281+00:00 GitLab Importer Affected by VCID-7kmy-8ht6-8fcw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12245.yml 38.6.0
2026-05-31T09:59:29.079344+00:00 GitLab Importer Affected by VCID-x6g5-a61e-3khu https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12205.yml 38.6.0
2026-05-31T09:59:28.015622+00:00 GitLab Importer Affected by VCID-4mg2-rjsn-qyfx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12203.yml 38.6.0
2026-05-31T09:55:38.804285+00:00 GitLab Importer Affected by VCID-3497-71mw-yqh8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-5715.yml 38.6.0
2026-05-31T09:42:56.655779+00:00 GitLab Importer Affected by VCID-pq7w-n99a-q7cj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2017-18049.yml 38.6.0