{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52000?format=json","vulnerability_id":"VCID-nzcm-xbxx-wyf9","summary":"SilverStripe Versioned Files module Unpublished files are exposed publicly\nIn the Versioned Files module through 2.0.3 for SilverStripe 3.x, unpublished versions of files are publicly exposed to anyone who can guess their URL. This guess could be highly informed by a basic understanding of the symbiote/silverstripe-versionedfiles source code. (Users who upgrade from SilverStripe 3.x to 4.x and had Versioned Files installed have no further need for this module, because the 4.x release has built-in versioning. However, nothing in the upgrade process automates the destruction of these insecure artefacts, nor alerts the user to the criticality of destruction.)","aliases":[{"alias":"CVE-2019-16409"},{"alias":"GHSA-xm6j-x342-gwq9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/76174?format=json","purl":"pkg:composer/silverstripe/framework@4.3.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.5"},{"url":"http://public2.vulnerablecode.io/api/packages/76175?format=json","purl":"pkg:composer/silverstripe/framework@4.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dt7-nc8t-nqgh"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.4"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54914?format=json","purl":"pkg:composer/silverstripe/framework@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-2hk2-hzyh-wbhf"},{"vulnerability":"VCID-7hxq-cp29-r7dh"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-mkex-ht2r-cucz"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-qdwg-f2bx-1bay"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/215640?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/54917?format=json","purl":"pkg:composer/silverstripe/framework@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/232545?format=json","purl":"pkg:composer/silverstripe/framework@4.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/232546?format=json","purl":"pkg:composer/silverstripe/framework@4.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/81612?format=json","purl":"pkg:composer/silverstripe/framework@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/81626?format=json","purl":"pkg:composer/silverstripe/framework@4.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/81645?format=json","purl":"pkg:composer/silverstripe/framework@4.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/57787?format=json","purl":"pkg:composer/silverstripe/framework@4.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/81611?format=json","purl":"pkg:composer/silverstripe/framework@4.1.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pp1-8paa-c7g5"},{"vulnerability":"VCID-aj7q-x4hc-xbdm"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-g7kn-gn2m-myc3"},{"vulnerability":"VCID-h9g1-7wez-8qft"},{"vulnerability":"VCID-hpf9-1qaj-5kff"},{"vulnerability":"VCID-hq36-9ntc-akez"},{"vulnerability":"VCID-m3us-9sft-wbh8"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-p2m9-rejx-e3e9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-tsdn-bu3d-ubaf"},{"vulnerability":"VCID-u9e7-1zhg-mygt"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-yxuh-bxh5-z3cw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.0-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/241595?format=json","purl":"pkg:composer/silverstripe/framework@4.1.0-rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.0-rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/57782?format=json","purl":"pkg:composer/silverstripe/framework@4.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/81613?format=json","purl":"pkg:composer/silverstripe/framework@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/232547?format=json","purl":"pkg:composer/silverstripe/framework@4.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/81627?format=json","purl":"pkg:composer/silverstripe/framework@4.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/81646?format=json","purl":"pkg:composer/silverstripe/framework@4.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/57788?format=json","purl":"pkg:composer/silverstripe/framework@4.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/241596?format=json","purl":"pkg:composer/silverstripe/framework@4.2.0-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.0-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/57783?format=json","purl":"pkg:composer/silverstripe/framework@4.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/232548?format=json","purl":"pkg:composer/silverstripe/framework@4.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/81628?format=json","purl":"pkg:composer/silverstripe/framework@4.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/81647?format=json","purl":"pkg:composer/silverstripe/framework@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/57789?format=json","purl":"pkg:composer/silverstripe/framework@4.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/241597?format=json","purl":"pkg:composer/silverstripe/framework@4.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/241598?format=json","purl":"pkg:composer/silverstripe/framework@4.3.0-rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.0-rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/57784?format=json","purl":"pkg:composer/silverstripe/framework@4.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mmc-91gk-r3d3"},{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/57790?format=json","purl":"pkg:composer/silverstripe/framework@4.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/241599?format=json","purl":"pkg:composer/silverstripe/framework@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/75985?format=json","purl":"pkg:composer/silverstripe/framework@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-b6nm-cphj-wfgw"},{"vulnerability":"VCID-cmwn-cjff-9qau"},{"vulnerability":"VCID-nute-ndg2-z7ev"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-r1eg-dwej-5kau"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-xg74-3h1h-kqaf"},{"vulnerability":"VCID-y8et-m846-2fc6"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"},{"vulnerability":"VCID-z94y-nz4f-y7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/75986?format=json","purl":"pkg:composer/silverstripe/framework@4.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/76173?format=json","purl":"pkg:composer/silverstripe/framework@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dt7-nc8t-nqgh"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/243981?format=json","purl":"pkg:composer/silverstripe/framework@4.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dt7-nc8t-nqgh"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/243982?format=json","purl":"pkg:composer/silverstripe/framework@4.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dt7-nc8t-nqgh"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/243983?format=json","purl":"pkg:composer/silverstripe/framework@4.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5dt7-nc8t-nqgh"},{"vulnerability":"VCID-nzcm-xbxx-wyf9"},{"vulnerability":"VCID-ru3j-21j8-ayhm"},{"vulnerability":"VCID-ytbc-8mhd-b3fc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/silverstripe/framework@4.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/244145?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/244154?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/244155?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/244156?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/244157?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/244146?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/244147?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/244148?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/244149?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/244150?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/244151?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/244152?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/244153?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@1.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@1.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/244158?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/244159?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/244160?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/76187?format=json","purl":"pkg:composer/symbiote/silverstripe-versionedfiles@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nzcm-xbxx-wyf9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symbiote/silverstripe-versionedfiles@2.0.3"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16409","reference_id":"","reference_type":"","scores":[{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53437","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16409"},{"reference_url":"https://github.com/silverstripe/silverstripe-framework","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/silverstripe/silverstripe-framework"},{"reference_url":"https://github.com/symbiote/silverstripe-versionedfiles","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/symbiote/silverstripe-versionedfiles"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16409","reference_id":"CVE-2019-16409","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16409"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-16409","reference_id":"CVE-2019-16409","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-16409"},{"reference_url":"https://www.silverstripe.org/download/security-releases/cve-2019-16409/","reference_id":"CVE-2019-16409","reference_type":"","scores":[],"url":"https://www.silverstripe.org/download/security-releases/cve-2019-16409/"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-16409.yaml","reference_id":"CVE-2019-16409.YAML","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-16409.yaml"},{"reference_url":"https://github.com/advisories/GHSA-xm6j-x342-gwq9","reference_id":"GHSA-xm6j-x342-gwq9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xm6j-x342-gwq9"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":200,"name":"Exposure of Sensitive Information to an Unauthorized Actor","description":"The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nzcm-xbxx-wyf9"}