pkg:Packagist/silverstripe/assets

6 total CVEsHIGH1MEDIUM5

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2020-9280SilverStripe Folders migrated from 3.x may be unsafe to upload to
    >= 1.0.0, < 1.4.7
  • MEDIUM5.4CVE-2022-38724Silverstripe XSS in shortcodes
    >= 1.0.0, < 1.11.1
  • MEDIUM5.4CVE-2022-38147XSS via uploaded gpx file
    >= 1.0.0, < 1.11.1
  • MEDIUM5.3CVE-2026-24749Silverstripe Assets Module has a DBFile::getURL() permission bypass
    from 0, < 2.4.5
  • MEDIUM5.3CVE-2019-12245Lack of access control on upoaded files
    >= 1.0.0, < 1.3.5
  • MEDIUM4.3CVE-2022-29858Unpublished, protected files can be published via shortcode
    >= 1.0.0, < 1.10.1