CVE-2019-12246
MEDIUM4.3EPSS 0.16%SilverStripe Denial of Service on flush and development URL tools
Published: 5/24/2022Modified: 4/25/2024
Also known as:GHSA-5fr8-xhqq-4p3q
Description
SilverStripe before 4.4.0 allows a Denial of Service on flush and development URL tools.
Affected packages (1)
- Packagist/silverstripe/framework>= 4.0.0, < 4.4.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM4.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
References (7)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-12246
- PATCHhttps://github.com/silverstripe/silverstripe-framework
- WEBhttps://forum.silverstripe.org/c/releases
- WEBhttps://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/CVE-2019-12246.yaml
- WEBhttps://github.com/silverstripe/silverstripe-framework/commit/ca56e8d78e468874b9267c94d8ec75240b6da0ab
- WEBhttps://www.silverstripe.org/blog/tag/release
- WEBhttps://www.silverstripe.org/download/security-releases/cve-2019-12246