VulnerableCode Package Details - pkg:composer/silverstripe/framework@4.0.0-alpha5

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/silverstripe/framework@4.0.0-alpha5

Essentials
History (8)

purl	pkg:composer/silverstripe/framework@4.0.0-alpha5

Next non-vulnerable version	4.3.5
Latest non-vulnerable version	5.2.16
Risk	3.1

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-4mg2-rjsn-qyfx Aliases: CVE-2019-12203 GHSA-w7r7-r8r9-vrg2		4.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 4.3.5 Affected by 0 other vulnerabilities. 4.4.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-7kmy-8ht6-8fcw Aliases: CVE-2019-12245 GHSA-jvx5-rm6q-gx7p		4.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 4.3.6 Affected by 0 other vulnerabilities. 4.4.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-9vwe-uejx-c3c5 Aliases: CVE-2019-12246 GHSA-5fr8-xhqq-4p3q		4.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 4.4.0 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-k1aa-deyg-2kdg Aliases: CVE-2019-14272 GHSA-jgw2-f5mx-rg7h		4.0.1-rc1 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 4.3.5 Affected by 0 other vulnerabilities. 4.4.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-k6ed-y2ud-wffu Aliases: CVE-2019-14273 GHSA-43jj-2rwc-2m3f		4.0.1-rc1 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 4.3.5 Affected by 0 other vulnerabilities. 4.4.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-m2bw-tabk-qyd8 Aliases: CVE-2019-12617 GHSA-6r58-4xgr-gm6m		4.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 4.3.5 Affected by 0 other vulnerabilities. 4.4.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-x6g5-a61e-3khu Aliases: CVE-2019-12205 GHSA-rfvw-5848-gxc5		4.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 4.3.5 Affected by 0 other vulnerabilities. 4.4.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-yxg1-dz91-ckgs Aliases: CVE-2019-12437 GHSA-fx37-56v6-85q6	Cross-Site Request Forgery (CSRF) Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL.	4.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T10:02:54.836319+00:00	GitLab Importer	Affected by	VCID-yxg1-dz91-ckgs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12437.yml	38.6.0
2026-05-31T10:02:52.865324+00:00	GitLab Importer	Affected by	VCID-9vwe-uejx-c3c5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12246.yml	38.6.0
2026-05-31T09:59:33.715904+00:00	GitLab Importer	Affected by	VCID-k1aa-deyg-2kdg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-14272.yml	38.6.0
2026-05-31T09:59:32.644357+00:00	GitLab Importer	Affected by	VCID-k6ed-y2ud-wffu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-14273.yml	38.6.0
2026-05-31T09:59:31.841649+00:00	GitLab Importer	Affected by	VCID-m2bw-tabk-qyd8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12617.yml	38.6.0
2026-05-31T09:59:30.788971+00:00	GitLab Importer	Affected by	VCID-7kmy-8ht6-8fcw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12245.yml	38.6.0
2026-05-31T09:59:29.129045+00:00	GitLab Importer	Affected by	VCID-x6g5-a61e-3khu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12205.yml	38.6.0
2026-05-31T09:59:28.058803+00:00	GitLab Importer	Affected by	VCID-4mg2-rjsn-qyfx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/silverstripe/framework/CVE-2019-12203.yml	38.6.0