{"url":"http://public2.vulnerablecode.io/api/packages/145303?format=json","purl":"pkg:composer/silverstripe/framework@4.0.0-rc3","type":"composer","namespace":"silverstripe","name":"framework","version":"4.0.0-rc3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"5.3.23","latest_non_vulnerable_version":"5.3.23","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340877?format=json","vulnerability_id":"VCID-25r7-spjd-qufz","summary":"silverstripe/framework uploaded PHP script execution in assets","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-012-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-012-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/5b7eca2b6327556e2d5ad31bb00511b187e5992a","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/5b7eca2b6327556e2d5ad31bb00511b187e5992a"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2018-012","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2018-012"},{"reference_url":"https://github.com/advisories/GHSA-f43j-8hq4-2xj9","reference_id":"GHSA-f43j-8hq4-2xj9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f43j-8hq4-2xj9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81486?format=json","purl":"pkg:composer/silverstripe/framework@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/81488?format=json","purl":"pkg:composer/silverstripe/framework@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.1"}],"aliases":["GHSA-f43j-8hq4-2xj9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-25r7-spjd-qufz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340873?format=json","vulnerability_id":"VCID-2e1q-fc4b-mydq","summary":"silverstripe/framework Privilege Escalation Risk in Member Edit form","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-001-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-001-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/577138882163e4b8782ea043487944d30d88e753","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/577138882163e4b8782ea043487944d30d88e753"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/e409d6f673c49846086b23677aecdc3fde5fc4d5","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/e409d6f673c49846086b23677aecdc3fde5fc4d5"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2018-001","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2018-001"},{"reference_url":"https://github.com/advisories/GHSA-xpff-c35g-j3cr","reference_id":"GHSA-xpff-c35g-j3cr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xpff-c35g-j3cr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81486?format=json","purl":"pkg:composer/silverstripe/framework@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/81488?format=json","purl":"pkg:composer/silverstripe/framework@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.1"}],"aliases":["GHSA-xpff-c35g-j3cr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2e1q-fc4b-mydq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340872?format=json","vulnerability_id":"VCID-2p3r-ff36-aqfm","summary":"silverstripe/framework's URL parameters `isDev` and `isTest` unguarded","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-005-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-005-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/d935140a9528a3a42323b51d84fb2bcd3da065a7","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/d935140a9528a3a42323b51d84fb2bcd3da065a7"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2018-005","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2018-005"},{"reference_url":"https://github.com/advisories/GHSA-55qg-6c4m-mw6g","reference_id":"GHSA-55qg-6c4m-mw6g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-55qg-6c4m-mw6g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81486?format=json","purl":"pkg:composer/silverstripe/framework@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/81488?format=json","purl":"pkg:composer/silverstripe/framework@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.1"}],"aliases":["GHSA-55qg-6c4m-mw6g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2p3r-ff36-aqfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202068?format=json","vulnerability_id":"VCID-2uck-cp19-v3e9","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37421","reference_id":"","reference_type":"","scores":[{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55469","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37421"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/"}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://www.silverstripe.org/blog/tag/release","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/"}],"url":"https://www.silverstripe.org/blog/tag/release"},{"reference_url":"https://www.silverstripe.org/download/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/"}],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37421","reference_id":"CVE-2022-37421","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37421"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2022-37421","reference_id":"CVE-2022-37421","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2022-37421"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2022-37421","reference_id":"CVE-2022-37421","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:34:09Z/"}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2022-37421"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/cms/CVE-2022-37421.yaml","reference_id":"CVE-2022-37421.YAML","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/cms/CVE-2022-37421.yaml"},{"reference_url":"https://github.com/advisories/GHSA-pp74-g2q5-j4jf","reference_id":"GHSA-pp74-g2q5-j4jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pp74-g2q5-j4jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/572980?format=json","purl":"pkg:composer/silverstripe/framework@4.11.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.11.3"}],"aliases":["CVE-2022-37421","GHSA-pp74-g2q5-j4jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2uck-cp19-v3e9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/137842?format=json","vulnerability_id":"VCID-4mg2-rjsn-qyfx","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12203","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17126","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12203"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/blob/4/docs/en/04_Changelogs/4.4.4.md#444","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/blob/4/docs/en/04_Changelogs/4.4.4.md#444"},{"reference_url":"https://www.silverstripe.org/download/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-12203","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-12203"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12203","reference_id":"CVE-2019-12203","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12203"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-12203/","reference_id":"CVE-2019-12203","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-12203/"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2019-12203","reference_id":"CVE-2019-12203","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2019-12203"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12203.yaml","reference_id":"CVE-2019-12203.YAML","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12203.yaml"},{"reference_url":"https://github.com/advisories/GHSA-w7r7-r8r9-vrg2","reference_id":"GHSA-w7r7-r8r9-vrg2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w7r7-r8r9-vrg2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/145313?format=json","purl":"pkg:composer/silverstripe/framework@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/74358?format=json","purl":"pkg:composer/silverstripe/framework@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/74360?format=json","purl":"pkg:composer/silverstripe/framework@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-4ywc-gcvd-73a9"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4"}],"aliases":["CVE-2019-12203","GHSA-w7r7-r8r9-vrg2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mg2-rjsn-qyfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/347348?format=json","vulnerability_id":"VCID-4qq2-bbj1-8fdb","summary":"Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message\n> [!IMPORTANT]\n> This vulnerability only affects sites which are in the \"dev\" environment mode. If your production website is in \"dev\" mode, it has been misconfigured, and you should immediately swap it to \"live\" mode.\n> See https://docs.silverstripe.org/en/developer_guides/debugging/environment_types/ for more information.\n\nIf a website has been set to the \"dev\" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message.\n\n## References\n\n- https://www.silverstripe.org/download/security-releases/ss-2024-002\n\n## Reported by\n\nGaurav Nayak from [Chaleit](https://chaleit.com/)","references":[{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/a555dad4ec73c929f6316bcb4019eb325a5b77d8","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/a555dad4ec73c929f6316bcb4019eb325a5b77d8"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-mqf3-qpc3-g26q","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-mqf3-qpc3-g26q"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2024-002","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2024-002"},{"reference_url":"https://github.com/advisories/GHSA-mqf3-qpc3-g26q","reference_id":"GHSA-mqf3-qpc3-g26q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mqf3-qpc3-g26q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/745232?format=json","purl":"pkg:composer/silverstripe/framework@6.0.0-alpha1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1"},{"url":"http://public2.vulnerablecode.io/api/packages/193925?format=json","purl":"pkg:composer/silverstripe/framework@5.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8"}],"aliases":["GHSA-mqf3-qpc3-g26q"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qq2-bbj1-8fdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14861?format=json","vulnerability_id":"VCID-5ccd-zu9e-yfgp","summary":"Business Logic Errors in GitHub repository silverstripe/silverstripe-framework","references":[{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/cbf2987a616e9ef4d7eccae5d763ef2179bdbcc2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/cbf2987a616e9ef4d7eccae5d763ef2179bdbcc2"},{"reference_url":"https://huntr.dev/bounties/35631e3a-f4b9-41ad-857c-7e3021932a72","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/35631e3a-f4b9-41ad-857c-7e3021932a72"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0227","reference_id":"CVE-2022-0227","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0227"},{"reference_url":"https://github.com/advisories/GHSA-32m2-9f76-4gv8","reference_id":"GHSA-32m2-9f76-4gv8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-32m2-9f76-4gv8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59361?format=json","purl":"pkg:composer/silverstripe/framework@4.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.10.1"}],"aliases":["CVE-2022-0227","GHSA-32m2-9f76-4gv8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ccd-zu9e-yfgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340882?format=json","vulnerability_id":"VCID-6zn9-kt2q-s3bq","summary":"silverstripe/framework has possible denial of service attack vector when flushing","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-019-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-019-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/0610f76da02ac53a1b51cdfe9eac34e943a66991","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/0610f76da02ac53a1b51cdfe9eac34e943a66991"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/8d7c2dafabad505d769f3774c44e0595fb1a4cd9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/8d7c2dafabad505d769f3774c44e0595fb1a4cd9"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/af000bea9b16ea553cae7f7f662f74ab8dc343df","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/af000bea9b16ea553cae7f7f662f74ab8dc343df"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2018-019","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2018-019"},{"reference_url":"https://github.com/advisories/GHSA-cwgq-83w5-8jfq","reference_id":"GHSA-cwgq-83w5-8jfq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cwgq-83w5-8jfq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81500?format=json","purl":"pkg:composer/silverstripe/framework@4.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/81495?format=json","purl":"pkg:composer/silverstripe/framework@4.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/81497?format=json","purl":"pkg:composer/silverstripe/framework@4.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.2"}],"aliases":["GHSA-cwgq-83w5-8jfq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6zn9-kt2q-s3bq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/137865?format=json","vulnerability_id":"VCID-7kmy-8ht6-8fcw","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12245","reference_id":"","reference_type":"","scores":[{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.4898","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12245"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-12245","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-12245"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12245","reference_id":"CVE-2019-12245","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12245"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-12245/","reference_id":"CVE-2019-12245","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-12245/"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2019-12245","reference_id":"CVE-2019-12245","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2019-12245"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/assets/CVE-2019-12245.yaml","reference_id":"CVE-2019-12245.YAML","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/assets/CVE-2019-12245.yaml"},{"reference_url":"https://github.com/advisories/GHSA-jvx5-rm6q-gx7p","reference_id":"GHSA-jvx5-rm6q-gx7p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jvx5-rm6q-gx7p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/145313?format=json","purl":"pkg:composer/silverstripe/framework@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/74368?format=json","purl":"pkg:composer/silverstripe/framework@4.3.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/74360?format=json","purl":"pkg:composer/silverstripe/framework@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-4ywc-gcvd-73a9"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4"}],"aliases":["CVE-2019-12245","GHSA-jvx5-rm6q-gx7p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7kmy-8ht6-8fcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183572?format=json","vulnerability_id":"VCID-8csb-m7rv-xyh2","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41559","reference_id":"","reference_type":"","scores":[{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57606","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41559"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/releases","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41559","reference_id":"CVE-2021-41559","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41559"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2021-41559","reference_id":"CVE-2021-41559","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2021-41559"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2021-41559.yaml","reference_id":"CVE-2021-41559.YAML","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2021-41559.yaml"},{"reference_url":"https://github.com/advisories/GHSA-9fmg-89fx-r33w","reference_id":"GHSA-9fmg-89fx-r33w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9fmg-89fx-r33w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/549782?format=json","purl":"pkg:composer/silverstripe/framework@4.11.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.11.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/78408?format=json","purl":"pkg:composer/silverstripe/framework@4.10.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.10.9"}],"aliases":["CVE-2021-41559","GHSA-9fmg-89fx-r33w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8csb-m7rv-xyh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/137866?format=json","vulnerability_id":"VCID-9vwe-uejx-c3c5","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12246","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36012","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12246"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12246.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12246.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/ca56e8d78e468874b9267c94d8ec75240b6da0ab","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/ca56e8d78e468874b9267c94d8ec75240b6da0ab"},{"reference_url":"https://www.silverstripe.org/blog/tag/release","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/blog/tag/release"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12246","reference_id":"CVE-2019-12246","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12246"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-12246","reference_id":"CVE-2019-12246","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-12246"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/145313?format=json","purl":"pkg:composer/silverstripe/framework@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/74359?format=json","purl":"pkg:composer/silverstripe/framework@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-4ywc-gcvd-73a9"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-k6ed-y2ud-wffu"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.0"}],"aliases":["CVE-2019-12246","GHSA-5fr8-xhqq-4p3q"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9vwe-uejx-c3c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18178?format=json","vulnerability_id":"VCID-adng-1x6w-2baj","summary":"Improper Input Validation\nSilverstripe Framework is the MVC framework that powers Silverstripe CMS. When a new member record is created and a password is not set, an empty encrypted password is generated. As a result, if someone is aware of the existence of a member record associated with a specific email address, they can potentially attempt to log in using that empty password. Although the default member authenticator and login form require a non-empty password, alternative authentication methods might still permit a successful login with the empty password. This issue has been patched in versions 4.13.4 and 5.0.13.","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-32302.yaml","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-32302.yaml"},{"reference_url":"https://github.com/github/advisory-database/pull/2575","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/pull/2575"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2023-32302","reference_id":"","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2023-32302"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-32302","reference_id":"CVE-2023-32302","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-32302"},{"reference_url":"https://github.com/advisories/GHSA-36xx-7vf6-7mv3","reference_id":"GHSA-36xx-7vf6-7mv3","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-36xx-7vf6-7mv3"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3","reference_id":"GHSA-36xx-7vf6-7mv3","reference_type":"","scores":[{"value":"0.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/65165?format=json","purl":"pkg:composer/silverstripe/framework@4.13.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.13.14"},{"url":"http://public2.vulnerablecode.io/api/packages/65166?format=json","purl":"pkg:composer/silverstripe/framework@5.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.0.13"}],"aliases":["CVE-2023-32302","GHSA-36xx-7vf6-7mv3"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-adng-1x6w-2baj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340875?format=json","vulnerability_id":"VCID-c3aa-8je2-quek","summary":"silverstripe/framework BackURL validation bypass with malformed URLs","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-008-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-008-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/9053014a7e2eba28d000881e0bb3cc1d6e6b2eea","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/9053014a7e2eba28d000881e0bb3cc1d6e6b2eea"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2018-008","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2018-008"},{"reference_url":"https://github.com/advisories/GHSA-m5q3-mvcr-gc5m","reference_id":"GHSA-m5q3-mvcr-gc5m","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m5q3-mvcr-gc5m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81486?format=json","purl":"pkg:composer/silverstripe/framework@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/81488?format=json","purl":"pkg:composer/silverstripe/framework@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.1"}],"aliases":["GHSA-m5q3-mvcr-gc5m"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c3aa-8je2-quek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/159546?format=json","vulnerability_id":"VCID-cskj-c9ur-47dj","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26136","reference_id":"","reference_type":"","scores":[{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44161","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26136"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2020-26136.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2020-26136.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26136","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26136"},{"reference_url":"https://www.silverstripe.org/blog/tag/release","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/blog/tag/release"},{"reference_url":"https://www.silverstripe.org/download/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2020-26136","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2020-26136"},{"reference_url":"https://github.com/advisories/GHSA-mg2g-8pwj-r2j2","reference_id":"GHSA-mg2g-8pwj-r2j2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mg2g-8pwj-r2j2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/419167?format=json","purl":"pkg:composer/silverstripe/framework@4.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.6.0"}],"aliases":["CVE-2020-26136","GHSA-mg2g-8pwj-r2j2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cskj-c9ur-47dj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/270458?format=json","vulnerability_id":"VCID-d1ap-2u1x-y7gg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53277","reference_id":"","reference_type":"","scores":[{"value":"0.01074","scoring_system":"epss","scoring_elements":"0.78068","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53277"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-53277.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-53277.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/74904f539347b7d1f8c5b5fb9e28d62ff251ee00","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/74904f539347b7d1f8c5b5fb9e28d62ff251ee00"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-ff6q-3c9c-6cf5","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-ff6q-3c9c-6cf5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53277","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53277"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2024-53277","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:52:17Z/"}],"url":"https://www.silverstripe.org/download/security-releases/cve-2024-53277"},{"reference_url":"https://github.com/advisories/GHSA-ff6q-3c9c-6cf5","reference_id":"GHSA-ff6q-3c9c-6cf5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-ff6q-3c9c-6cf5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/745232?format=json","purl":"pkg:composer/silverstripe/framework@6.0.0-alpha1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1"},{"url":"http://public2.vulnerablecode.io/api/packages/193925?format=json","purl":"pkg:composer/silverstripe/framework@5.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8"}],"aliases":["CVE-2024-53277","GHSA-ff6q-3c9c-6cf5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d1ap-2u1x-y7gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/254932?format=json","vulnerability_id":"VCID-d6gt-9mst-dub4","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32981","reference_id":"","reference_type":"","scores":[{"value":"0.0105","scoring_system":"epss","scoring_elements":"0.77841","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32981"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/b8d20dc9d531550e06fd7da7a0eafa551922e2e1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/b8d20dc9d531550e06fd7da7a0eafa551922e2e1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32981","reference_id":"CVE-2024-32981","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32981"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2024-32981","reference_id":"CVE-2024-32981","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/"}],"url":"https://www.silverstripe.org/download/security-releases/cve-2024-32981"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-32981.yaml","reference_id":"CVE-2024-32981.YAML","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-32981.yaml"},{"reference_url":"https://github.com/advisories/GHSA-chx7-9x8h-r5mg","reference_id":"GHSA-chx7-9x8h-r5mg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-chx7-9x8h-r5mg"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-chx7-9x8h-r5mg","reference_id":"GHSA-chx7-9x8h-r5mg","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T13:18:39Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-chx7-9x8h-r5mg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82191?format=json","purl":"pkg:composer/silverstripe/framework@5.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.2.16"}],"aliases":["CVE-2024-32981","GHSA-chx7-9x8h-r5mg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6gt-9mst-dub4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/159547?format=json","vulnerability_id":"VCID-djww-2v4e-qkb2","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26138","reference_id":"","reference_type":"","scores":[{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52834","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26138"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://www.silverstripe.org/blog/tag/release","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/blog/tag/release"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26138","reference_id":"CVE-2020-26138","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-26138"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2020-26138","reference_id":"CVE-2020-26138","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2020-26138"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2020-26138/","reference_id":"CVE-2020-26138","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/cve-2020-26138/"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2020-26138.yaml","reference_id":"CVE-2020-26138.YAML","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2020-26138.yaml"},{"reference_url":"https://github.com/advisories/GHSA-7mv4-4xpg-xq44","reference_id":"GHSA-7mv4-4xpg-xq44","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7mv4-4xpg-xq44"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/419167?format=json","purl":"pkg:composer/silverstripe/framework@4.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/76628?format=json","purl":"pkg:composer/silverstripe/framework@4.7.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.7.4"}],"aliases":["CVE-2020-26138","GHSA-7mv4-4xpg-xq44"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-djww-2v4e-qkb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/347356?format=json","vulnerability_id":"VCID-ewqs-8fqc-b3hk","summary":"Reflected Cross Site Scripting (XSS) in error message\nIf a website has been set to the \"dev\" environment mode, a URL can be provided which includes an XSS payload which will be executed in the resulting error message.","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-002.yaml","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-002.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2024-002","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2024-002"},{"reference_url":"https://github.com/advisories/GHSA-74j9-xhqr-6qv3","reference_id":"GHSA-74j9-xhqr-6qv3","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-74j9-xhqr-6qv3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/193925?format=json","purl":"pkg:composer/silverstripe/framework@5.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8"}],"aliases":["GHSA-74j9-xhqr-6qv3"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ewqs-8fqc-b3hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17483?format=json","vulnerability_id":"VCID-gr5g-7tkc-2kfa","summary":"Missing Authorization\nSilverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, the GridField print view incorrectly validates the permission of DataObjects potentially allowing a content author to view records they are not authorised to access. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22728","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17257","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22728"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22728.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22728.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/fd5d8217e83768d7bf841e94b2d4d82642d5bc58","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:52Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/fd5d8217e83768d7bf841e94b2d4d82642d5bc58"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2023-22728","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2023-22728"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22728","reference_id":"CVE-2023-22728","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22728"},{"reference_url":"https://github.com/advisories/GHSA-jh3w-6jp2-vqqm","reference_id":"GHSA-jh3w-6jp2-vqqm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jh3w-6jp2-vqqm"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-jh3w-6jp2-vqqm","reference_id":"GHSA-jh3w-6jp2-vqqm","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:52Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-jh3w-6jp2-vqqm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63807?format=json","purl":"pkg:composer/silverstripe/framework@4.12.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.5"}],"aliases":["CVE-2023-22728","GHSA-jh3w-6jp2-vqqm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gr5g-7tkc-2kfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340871?format=json","vulnerability_id":"VCID-hp6e-75gr-uuan","summary":"silverstripe/framework SQL injection in full text search","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-008-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-008-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/099a5a3c2d99ed39bdd8815e1e2790bb9351770b","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/099a5a3c2d99ed39bdd8815e1e2790bb9351770b"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/a8465900bdc77199176c953890ce7587045b1ea4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/a8465900bdc77199176c953890ce7587045b1ea4"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2017-008","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2017-008"},{"reference_url":"https://github.com/advisories/GHSA-xx4r-5265-48j6","reference_id":"GHSA-xx4r-5265-48j6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xx4r-5265-48j6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53886?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-25r7-spjd-qufz"},{"vulnerability":"VCID-2e1q-fc4b-mydq"},{"vulnerability":"VCID-2p3r-ff36-aqfm"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-c3aa-8je2-quek"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-pmb3-k9w1-y7gm"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1"}],"aliases":["GHSA-xx4r-5265-48j6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hp6e-75gr-uuan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340870?format=json","vulnerability_id":"VCID-hsfb-xx67-7qg6","summary":"silverstripe/framework users inadvertently passing sensitive data to LoginAttempt","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-009-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-009-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/3e2bcaa0b49277ff7f7004b265a7fa80d0b92e5c","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/3e2bcaa0b49277ff7f7004b265a7fa80d0b92e5c"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/c5d6eb816d4ac5e9fa3d8bc4bd82de95719eb22d","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/c5d6eb816d4ac5e9fa3d8bc4bd82de95719eb22d"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/f1dd3d6f03eb1d94c29c495994a1da9176a758d9","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/f1dd3d6f03eb1d94c29c495994a1da9176a758d9"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2017-009","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2017-009"},{"reference_url":"https://github.com/advisories/GHSA-ph62-fv59-vf9h","reference_id":"GHSA-ph62-fv59-vf9h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-ph62-fv59-vf9h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53886?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-25r7-spjd-qufz"},{"vulnerability":"VCID-2e1q-fc4b-mydq"},{"vulnerability":"VCID-2p3r-ff36-aqfm"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-c3aa-8je2-quek"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-pmb3-k9w1-y7gm"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1"}],"aliases":["GHSA-ph62-fv59-vf9h"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hsfb-xx67-7qg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340881?format=json","vulnerability_id":"VCID-jxym-rkhj-yybr","summary":"silverstripe/framework may disclose database credentials during connection failure","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-018-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-018-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/214e28127f5425b61c15b69f884afdbad31133c2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/214e28127f5425b61c15b69f884afdbad31133c2"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/54251952387394d72b221e797a80edfbf9a973ee","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/54251952387394d72b221e797a80edfbf9a973ee"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/9aabe0a0f7a061d87cc92923f8811e14d7a032f5","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/9aabe0a0f7a061d87cc92923f8811e14d7a032f5"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2018-018","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2018-018"},{"reference_url":"https://github.com/advisories/GHSA-m2hh-2m46-x6j5","reference_id":"GHSA-m2hh-2m46-x6j5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m2hh-2m46-x6j5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81500?format=json","purl":"pkg:composer/silverstripe/framework@4.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/81495?format=json","purl":"pkg:composer/silverstripe/framework@4.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/81497?format=json","purl":"pkg:composer/silverstripe/framework@4.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.2"}],"aliases":["GHSA-m2hh-2m46-x6j5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxym-rkhj-yybr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139230?format=json","vulnerability_id":"VCID-k1aa-deyg-2kdg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14272","reference_id":"","reference_type":"","scores":[{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57522","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14272"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14272.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14272.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://www.silverstripe.org/blog/tag/release","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/blog/tag/release"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14272","reference_id":"CVE-2019-14272","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14272"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2019-14272","reference_id":"CVE-2019-14272","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2019-14272"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108963?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-25r7-spjd-qufz"},{"vulnerability":"VCID-2e1q-fc4b-mydq"},{"vulnerability":"VCID-2p3r-ff36-aqfm"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-c3aa-8je2-quek"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-hp6e-75gr-uuan"},{"vulnerability":"VCID-hsfb-xx67-7qg6"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-k8vz-xw7w-e3dg"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-pmb3-k9w1-y7gm"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-s99v-qdmh-ebf8"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/53886?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-25r7-spjd-qufz"},{"vulnerability":"VCID-2e1q-fc4b-mydq"},{"vulnerability":"VCID-2p3r-ff36-aqfm"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-c3aa-8je2-quek"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-pmb3-k9w1-y7gm"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/74358?format=json","purl":"pkg:composer/silverstripe/framework@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/74360?format=json","purl":"pkg:composer/silverstripe/framework@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-4ywc-gcvd-73a9"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4"}],"aliases":["CVE-2019-14272","GHSA-jgw2-f5mx-rg7h"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1aa-deyg-2kdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/341099?format=json","vulnerability_id":"VCID-k2xa-uwrr-ffez","summary":"Silverstripe uses TinyMCE which allows svg files linked in object tags","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-001.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2024-001.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2024-001","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2024-001"},{"reference_url":"https://github.com/advisories/GHSA-52cw-pvq9-9m5v","reference_id":"GHSA-52cw-pvq9-9m5v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-52cw-pvq9-9m5v"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-52cw-pvq9-9m5v","reference_id":"GHSA-52cw-pvq9-9m5v","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-52cw-pvq9-9m5v"},{"reference_url":"https://github.com/advisories/GHSA-5359-pvf2-pw78","reference_id":"GHSA-5359-pvf2-pw78","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5359-pvf2-pw78"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82191?format=json","purl":"pkg:composer/silverstripe/framework@5.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.2.16"}],"aliases":["GHSA-52cw-pvq9-9m5v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k2xa-uwrr-ffez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139231?format=json","vulnerability_id":"VCID-k6ed-y2ud-wffu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14273","reference_id":"","reference_type":"","scores":[{"value":"0.00336","scoring_system":"epss","scoring_elements":"0.56678","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14273"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories"},{"reference_url":"https://www.silverstripe.org/blog/tag/release","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/blog/tag/release"},{"reference_url":"https://www.silverstripe.org/download/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14273","reference_id":"CVE-2019-14273","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14273"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2019-14273","reference_id":"CVE-2019-14273","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2019-14273"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14273.yaml","reference_id":"CVE-2019-14273.YAML","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-14273.yaml"},{"reference_url":"https://github.com/advisories/GHSA-43jj-2rwc-2m3f","reference_id":"GHSA-43jj-2rwc-2m3f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-43jj-2rwc-2m3f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108963?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-25r7-spjd-qufz"},{"vulnerability":"VCID-2e1q-fc4b-mydq"},{"vulnerability":"VCID-2p3r-ff36-aqfm"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-c3aa-8je2-quek"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-hp6e-75gr-uuan"},{"vulnerability":"VCID-hsfb-xx67-7qg6"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-k8vz-xw7w-e3dg"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-pmb3-k9w1-y7gm"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-s99v-qdmh-ebf8"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/53886?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-25r7-spjd-qufz"},{"vulnerability":"VCID-2e1q-fc4b-mydq"},{"vulnerability":"VCID-2p3r-ff36-aqfm"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-c3aa-8je2-quek"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-pmb3-k9w1-y7gm"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/74358?format=json","purl":"pkg:composer/silverstripe/framework@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/74360?format=json","purl":"pkg:composer/silverstripe/framework@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-4ywc-gcvd-73a9"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4"}],"aliases":["CVE-2019-14273","GHSA-43jj-2rwc-2m3f"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k6ed-y2ud-wffu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340869?format=json","vulnerability_id":"VCID-k8vz-xw7w-e3dg","summary":"silverstripe/framework CSV Excel Macro Injection","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-007-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-007-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/55739fa5af6171594b2cb4f3621d5fcce5e887d4","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/55739fa5af6171594b2cb4f3621d5fcce5e887d4"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/cfe1d4f481bf53ea8da2b8608a563e207d923df9","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/cfe1d4f481bf53ea8da2b8608a563e207d923df9"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/dd4c5417e7592e29e698af428b72bdb9b6729797","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/dd4c5417e7592e29e698af428b72bdb9b6729797"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2017-007","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2017-007"},{"reference_url":"https://github.com/advisories/GHSA-mqjc-x563-c9q8","reference_id":"GHSA-mqjc-x563-c9q8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mqjc-x563-c9q8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53886?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-25r7-spjd-qufz"},{"vulnerability":"VCID-2e1q-fc4b-mydq"},{"vulnerability":"VCID-2p3r-ff36-aqfm"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-c3aa-8je2-quek"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-pmb3-k9w1-y7gm"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1"}],"aliases":["GHSA-mqjc-x563-c9q8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8vz-xw7w-e3dg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265745?format=json","vulnerability_id":"VCID-kcq9-5h99-abct","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47605","reference_id":"","reference_type":"","scores":[{"value":"0.05366","scoring_system":"epss","scoring_elements":"0.9023","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47605"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-47605.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2024-47605.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-asset-admin/security/advisories/GHSA-7cmp-cgg8-4c82","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/"}],"url":"https://github.com/silverstripe/silverstripe-asset-admin/security/advisories/GHSA-7cmp-cgg8-4c82"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/09b5052c86932f273e0d733428c9aade70ff2a4a","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/09b5052c86932f273e0d733428c9aade70ff2a4a"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47605","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47605"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2024-47605","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:53:47Z/"}],"url":"https://www.silverstripe.org/download/security-releases/cve-2024-47605"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52199.txt","reference_id":"CVE-2024-47605","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52199.txt"},{"reference_url":"https://github.com/advisories/GHSA-7cmp-cgg8-4c82","reference_id":"GHSA-7cmp-cgg8-4c82","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7cmp-cgg8-4c82"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/745232?format=json","purl":"pkg:composer/silverstripe/framework@6.0.0-alpha1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@6.0.0-alpha1"},{"url":"http://public2.vulnerablecode.io/api/packages/193925?format=json","purl":"pkg:composer/silverstripe/framework@5.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.8"}],"aliases":["CVE-2024-47605","GHSA-7cmp-cgg8-4c82"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kcq9-5h99-abct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/138126?format=json","vulnerability_id":"VCID-m2bw-tabk-qyd8","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12617","reference_id":"","reference_type":"","scores":[{"value":"0.00304","scoring_system":"epss","scoring_elements":"0.53918","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12617"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://www.silverstripe.org/blog/tag/release","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/blog/tag/release"},{"reference_url":"https://www.silverstripe.org/download/security-releases","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-12617","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-12617"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12617","reference_id":"CVE-2019-12617","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12617"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-12617/","reference_id":"CVE-2019-12617","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-12617/"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2019-12617","reference_id":"CVE-2019-12617","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2019-12617"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12617.yaml","reference_id":"CVE-2019-12617.YAML","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12617.yaml"},{"reference_url":"https://github.com/advisories/GHSA-6r58-4xgr-gm6m","reference_id":"GHSA-6r58-4xgr-gm6m","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6r58-4xgr-gm6m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/145313?format=json","purl":"pkg:composer/silverstripe/framework@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/74358?format=json","purl":"pkg:composer/silverstripe/framework@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/74360?format=json","purl":"pkg:composer/silverstripe/framework@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-4ywc-gcvd-73a9"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4"}],"aliases":["CVE-2019-12617","GHSA-6r58-4xgr-gm6m"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m2bw-tabk-qyd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340883?format=json","vulnerability_id":"VCID-mfzd-r5pm-q7es","summary":"silverstripe/framework has potential SQL Injection vulnerability in PostgreSQL database connector","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-020-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-020-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/48bd335648188df9dae72be1e5f9c808f3fe1e77","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/48bd335648188df9dae72be1e5f9c808f3fe1e77"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/fecedc2d98eeaaff6424fb59dc70ef6bdc6dc92d","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/fecedc2d98eeaaff6424fb59dc70ef6bdc6dc92d"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2018-020","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2018-020"},{"reference_url":"https://github.com/advisories/GHSA-265q-222x-52m6","reference_id":"GHSA-265q-222x-52m6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-265q-222x-52m6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81503?format=json","purl":"pkg:composer/silverstripe/framework@4.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/81501?format=json","purl":"pkg:composer/silverstripe/framework@4.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/81502?format=json","purl":"pkg:composer/silverstripe/framework@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.3"}],"aliases":["GHSA-265q-222x-52m6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfzd-r5pm-q7es"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14158?format=json","vulnerability_id":"VCID-mvra-6wnv-xya1","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nSilverStripe Framework suffers from a XSS vulnerablity.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36150","reference_id":"","reference_type":"","scores":[{"value":"0.00372","scoring_system":"epss","scoring_elements":"0.59233","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36150"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2021-36150.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/admin/CVE-2021-36150.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/releases","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/releases"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36150","reference_id":"CVE-2021-36150","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-36150"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2021-36150","reference_id":"CVE-2021-36150","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2021-36150"},{"reference_url":"https://github.com/advisories/GHSA-j66h-cc96-c32q","reference_id":"GHSA-j66h-cc96-c32q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j66h-cc96-c32q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/495335?format=json","purl":"pkg:composer/silverstripe/framework@4.9.0-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.9.0-alpha1"},{"url":"http://public2.vulnerablecode.io/api/packages/58206?format=json","purl":"pkg:composer/silverstripe/framework@4.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.9.0"}],"aliases":["CVE-2021-36150","GHSA-j66h-cc96-c32q"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mvra-6wnv-xya1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17473?format=json","vulnerability_id":"VCID-nzdu-xh5w-27g7","summary":"URL Redirection to Untrusted Site ('Open Redirect')\nSilverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link. Users should upgrade to Silverstripe Framework 4.12.15 or above to address the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22729","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42254","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22729"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22729.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-22729.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/1a5bb4cbece1721203977910b8ecd8b79c18dc77","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:14Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/1a5bb4cbece1721203977910b8ecd8b79c18dc77"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2023-22729","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2023-22729"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22729","reference_id":"CVE-2023-22729","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22729"},{"reference_url":"https://github.com/advisories/GHSA-fw84-xgm8-9jmv","reference_id":"GHSA-fw84-xgm8-9jmv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fw84-xgm8-9jmv"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-fw84-xgm8-9jmv","reference_id":"GHSA-fw84-xgm8-9jmv","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T16:10:14Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-fw84-xgm8-9jmv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63807?format=json","purl":"pkg:composer/silverstripe/framework@4.12.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.12.5"}],"aliases":["CVE-2023-22729","GHSA-fw84-xgm8-9jmv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nzdu-xh5w-27g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340879?format=json","vulnerability_id":"VCID-pmb3-k9w1-y7gm","summary":"silverstripe/framework vulnerable to member disclosure in login form","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-010-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2018-010-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/5887201dd578a5b9779c33a182153d2ce973ab41","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/5887201dd578a5b9779c33a182153d2ce973ab41"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2018-010","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2018-010"},{"reference_url":"https://github.com/advisories/GHSA-crr3-h4m8-7f56","reference_id":"GHSA-crr3-h4m8-7f56","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-crr3-h4m8-7f56"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81486?format=json","purl":"pkg:composer/silverstripe/framework@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/81488?format=json","purl":"pkg:composer/silverstripe/framework@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8bkg-xn4y-nydr"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.1"}],"aliases":["GHSA-crr3-h4m8-7f56"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pmb3-k9w1-y7gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/159392?format=json","vulnerability_id":"VCID-qrhh-c86j-rqe6","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25817","reference_id":"","reference_type":"","scores":[{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57604","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25817"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://www.silverstripe.org/blog/tag/release","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/blog/tag/release"},{"reference_url":"https://www.silverstripe.org/download/security-releases","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25817","reference_id":"CVE-2020-25817","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25817"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2021-25817","reference_id":"CVE-2021-25817","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2021-25817"},{"reference_url":"https://github.com/advisories/GHSA-3vjc-5x79-m9r8","reference_id":"GHSA-3vjc-5x79-m9r8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3vjc-5x79-m9r8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/419167?format=json","purl":"pkg:composer/silverstripe/framework@4.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/76628?format=json","purl":"pkg:composer/silverstripe/framework@4.7.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.7.4"}],"aliases":["CVE-2020-25817","GHSA-3vjc-5x79-m9r8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qrhh-c86j-rqe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/340874?format=json","vulnerability_id":"VCID-s99v-qdmh-ebf8","summary":"silverstripe/framework's install.php script discloses sensitive data by pre-populating DB credential forms","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-010-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2017-010-1.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/7a79cd039a96ef54182263d5fbb72addf093b171","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/7a79cd039a96ef54182263d5fbb72addf093b171"},{"reference_url":"https://www.silverstripe.org/download/security-releases/ss-2017-010","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/ss-2017-010"},{"reference_url":"https://github.com/advisories/GHSA-r3pr-fh25-wrfc","reference_id":"GHSA-r3pr-fh25-wrfc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r3pr-fh25-wrfc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53886?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-25r7-spjd-qufz"},{"vulnerability":"VCID-2e1q-fc4b-mydq"},{"vulnerability":"VCID-2p3r-ff36-aqfm"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-3497-71mw-yqh8"},{"vulnerability":"VCID-4mg2-rjsn-qyfx"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-6zn9-kt2q-s3bq"},{"vulnerability":"VCID-7kmy-8ht6-8fcw"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-9vwe-uejx-c3c5"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-c3aa-8je2-quek"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-jxym-rkhj-yybr"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-m2bw-tabk-qyd8"},{"vulnerability":"VCID-mfzd-r5pm-q7es"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-pmb3-k9w1-y7gm"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-x6g5-a61e-3khu"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"},{"vulnerability":"VCID-yxg1-dz91-ckgs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1"}],"aliases":["GHSA-r3pr-fh25-wrfc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s99v-qdmh-ebf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19289?format=json","vulnerability_id":"VCID-txyu-4qkf-r3cs","summary":"Exposure of Sensitive Information to an Unauthorized Actor\nSilverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocompleter` component, the record's title can be accessed by that user. Versions 4.13.39 and 5.1.11 contain a fix for this issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48714","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45409","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48714"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48714","reference_id":"CVE-2023-48714","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48714"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2023-48714","reference_id":"CVE-2023-48714","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T23:32:05Z/"}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2023-48714"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-48714.yaml","reference_id":"CVE-2023-48714.YAML","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2023-48714.yaml"},{"reference_url":"https://github.com/advisories/GHSA-qm2j-qvq3-j29v","reference_id":"GHSA-qm2j-qvq3-j29v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qm2j-qvq3-j29v"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-qm2j-qvq3-j29v","reference_id":"GHSA-qm2j-qvq3-j29v","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T23:32:05Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-qm2j-qvq3-j29v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67386?format=json","purl":"pkg:composer/silverstripe/framework@4.13.39","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.13.39"},{"url":"http://public2.vulnerablecode.io/api/packages/67387?format=json","purl":"pkg:composer/silverstripe/framework@5.1.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.1.11"}],"aliases":["CVE-2023-48714","GHSA-qm2j-qvq3-j29v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txyu-4qkf-r3cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/137844?format=json","vulnerability_id":"VCID-x6g5-a61e-3khu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12205","reference_id":"","reference_type":"","scores":[{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59603","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12205"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12205.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12205.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-admin/commit/6e6fa5c618b9dbf4cc0a56704834bfa1d5b0d18e","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-admin/commit/6e6fa5c618b9dbf4cc0a56704834bfa1d5b0d18e"},{"reference_url":"https://www.silverstripe.org/download/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-12205","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-12205"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12205","reference_id":"CVE-2019-12205","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12205"},{"reference_url":"https://www.silverstripe.org/download/security-releases/CVE-2019-12205","reference_id":"CVE-2019-12205","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/CVE-2019-12205"},{"reference_url":"https://github.com/advisories/GHSA-rfvw-5848-gxc5","reference_id":"GHSA-rfvw-5848-gxc5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rfvw-5848-gxc5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/145313?format=json","purl":"pkg:composer/silverstripe/framework@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/74358?format=json","purl":"pkg:composer/silverstripe/framework@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/74360?format=json","purl":"pkg:composer/silverstripe/framework@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-4ywc-gcvd-73a9"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4"}],"aliases":["CVE-2019-12205","GHSA-rfvw-5848-gxc5"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x6g5-a61e-3khu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/292206?format=json","vulnerability_id":"VCID-ywfx-pjg6-aqcj","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30148","reference_id":"","reference_type":"","scores":[{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45159","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30148"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2025-30148.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2025-30148.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/commit/e99cfd62d160d145a76fcf9631e6b11226e42358","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/commit/e99cfd62d160d145a76fcf9631e6b11226e42358"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/pull/11682","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework/pull/11682"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-rhx4-hvx9-j387","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/"}],"url":"https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-rhx4-hvx9-j387"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-30148","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-30148"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2025-30148","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T13:34:01Z/"}],"url":"https://www.silverstripe.org/download/security-releases/cve-2025-30148"},{"reference_url":"https://github.com/advisories/GHSA-rhx4-hvx9-j387","reference_id":"GHSA-rhx4-hvx9-j387","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rhx4-hvx9-j387"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/193268?format=json","purl":"pkg:composer/silverstripe/framework@5.3.23","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@5.3.23"}],"aliases":["CVE-2025-30148","GHSA-rhx4-hvx9-j387"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ywfx-pjg6-aqcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13696?format=json","vulnerability_id":"VCID-yxg1-dz91-ckgs","summary":"Cross-Site Request Forgery (CSRF)\nCross Site Request Forgery (CSRF) Protection Bypass in GraphQL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12437","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41992","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12437"},{"reference_url":"https://forum.silverstripe.org/c/releases","reference_id":"","reference_type":"","scores":[],"url":"https://forum.silverstripe.org/c/releases"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2019-12437.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/graphql/CVE-2019-12437.yaml"},{"reference_url":"https://github.com/silverstripe/silverstripe-graphql","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-graphql"},{"reference_url":"https://github.com/silverstripe/silverstripe-graphql/commit/3c1dd6b839b7c0e2cbc85074bb5840ebded6097c","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-graphql/commit/3c1dd6b839b7c0e2cbc85074bb5840ebded6097c"},{"reference_url":"https://github.com/silverstripe/silverstripe-graphql/commit/db28f3075ae2335905f43ac808e9177497e354ff","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-graphql/commit/db28f3075ae2335905f43ac808e9177497e354ff"},{"reference_url":"https://www.silverstripe.org/blog/tag/release","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/blog/tag/release"},{"reference_url":"https://www.silverstripe.org/download/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12437","reference_id":"CVE-2019-12437","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12437"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-12437","reference_id":"CVE-2019-12437","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-12437"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/145313?format=json","purl":"pkg:composer/silverstripe/framework@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1p7c-bq8f-77g2"},{"vulnerability":"VCID-2uck-cp19-v3e9"},{"vulnerability":"VCID-4qq2-bbj1-8fdb"},{"vulnerability":"VCID-4vmq-kug8-dug8"},{"vulnerability":"VCID-5ccd-zu9e-yfgp"},{"vulnerability":"VCID-5j19-xx5v-fkck"},{"vulnerability":"VCID-8csb-m7rv-xyh2"},{"vulnerability":"VCID-adng-1x6w-2baj"},{"vulnerability":"VCID-cskj-c9ur-47dj"},{"vulnerability":"VCID-d1ap-2u1x-y7gg"},{"vulnerability":"VCID-d62k-jng6-5fd8"},{"vulnerability":"VCID-d6gt-9mst-dub4"},{"vulnerability":"VCID-dgmv-7v1e-k3b9"},{"vulnerability":"VCID-djww-2v4e-qkb2"},{"vulnerability":"VCID-ewqs-8fqc-b3hk"},{"vulnerability":"VCID-fn6y-hytc-r3b5"},{"vulnerability":"VCID-gr5g-7tkc-2kfa"},{"vulnerability":"VCID-hj46-jp5w-ckd1"},{"vulnerability":"VCID-jc9t-3hb5-z3g5"},{"vulnerability":"VCID-k2xa-uwrr-ffez"},{"vulnerability":"VCID-kcq9-5h99-abct"},{"vulnerability":"VCID-mvra-6wnv-xya1"},{"vulnerability":"VCID-nzdu-xh5w-27g7"},{"vulnerability":"VCID-qrhh-c86j-rqe6"},{"vulnerability":"VCID-txyu-4qkf-r3cs"},{"vulnerability":"VCID-ywfx-pjg6-aqcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4"}],"aliases":["CVE-2019-12437","GHSA-fx37-56v6-85q6"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yxg1-dz91-ckgs"}],"fixing_vulnerabilities":[],"risk_score":"3.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0-rc3"}