Search for packages
| purl | pkg:composer/topthink/framework@8.0.4 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-74ev-f8gq-j7h1
Aliases: CVE-2024-44902 GHSA-f4wh-359g-4pq7 |
A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-grek-9pzd-kkdm | ThinkPHP 8.0.3 allows remote attackers to exploit XSS due to inadequate filtering of function argument values in think_exception.tpl. |
CVE-2024-34467
GHSA-969f-v7jv-pgj3 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-13T15:11:03.011907+00:00 | GitLab Importer | Fixing | VCID-grek-9pzd-kkdm | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/topthink/framework/CVE-2024-34467.yml | 38.6.0 |
| 2026-06-12T19:39:08.464000+00:00 | GitLab Importer | Affected by | VCID-74ev-f8gq-j7h1 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/topthink/framework/CVE-2024-44902.yml | 38.6.0 |
| 2026-06-12T07:44:36.431512+00:00 | GithubOSV Importer | Fixing | VCID-grek-9pzd-kkdm | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-969f-v7jv-pgj3/GHSA-969f-v7jv-pgj3.json | 38.6.0 |
| 2026-06-11T20:35:56.831947+00:00 | GHSA Importer | Affected by | VCID-74ev-f8gq-j7h1 | https://github.com/advisories/GHSA-f4wh-359g-4pq7 | 38.6.0 |
| 2026-06-11T20:34:37.885046+00:00 | GHSA Importer | Fixing | VCID-grek-9pzd-kkdm | https://github.com/advisories/GHSA-969f-v7jv-pgj3 | 38.6.0 |