pkg:Packagist/silverstripe/graphql

7 total CVEsHIGH3MEDIUM4

✅ Check your installed version

All known vulnerabilities

  • HIGH8.8CVE-2019-12437Silverstripe CSRF Protection Bypass via GraphQL
    >= 2.0.0, < 2.0.5
  • HIGH7.5CVE-2023-40180Silverstripe GraphQL has DDOS Vulnerability due to lack of protection against recursive queries
    >= 3.0.0, < 3.8.2
  • HIGH7.5CVE-2023-28104DDOS attack on graphql endpoints
    >= 4.1.1, < 4.1.2
  • MEDIUM6.5CVE-2020-26136Authentication bypass in SilverStripe GraphQL
    >= 3.0.0, < 3.5.0
  • MEDIUM5.3CVE-2023-44401View permissions are bypassed for paginated lists of ORM data
    >= 4.0.0, < 4.3.7
  • MEDIUM5.3CVE-2020-6165Silverstripe has Incorrect Default Permissions
    >= 3.2.0, < 3.2.4
  • MEDIUM4.3CVE-2021-28661SilverStripe GraphQL Server permission checker not inherited by query subclass.
    >= 3.0.0, < 3.5.2