pkg:Bitnami/silverstripe

所有已知漏洞

• HIGH7.5CVE-2020-6164Silverstripe CMS information disclosure
  from 0, < 3.0.0, >= 4.0.0, < 4.4.7, >= 4.5.0, < 4.5.4
• HIGH7.5CVE-2020-9280SilverStripe Folders migrated from 3.x may be unsafe to upload to
  >= 4.0.0, < 4.5.0
• MEDIUM6.5CVE-2021-41559Quadratic blowup in Convert::xml2array()
  from 0, < 4.10.9
• MEDIUM6.5CVE-2022-24444Hybridsessions does not expire session id on logout
  from 0, < 2.4.0 | >= 2.5.0, <= 2.5.0
• MEDIUM6.5CVE-2020-26136Authentication bypass in SilverStripe GraphQL
  from 0, < 4.6.0 | >= 4.6.0-rc1, <= 4.6.0-rc1
• MEDIUM6.1CVE-2021-36150Cross-site Scripting in SilverStripe Framework
  >= 1.0.0, < 1.8.1, >= 1.9.0, < 4.8.1
• MEDIUM5.4CVE-2022-37421Silverstipe CMS Stored XSS in custom meta tags
  >= 3.0.0, < 4.11.3
• MEDIUM5.4CVE-2022-28803Stored XSS in link tags added via XHR in SilverStripe Framework
  from 0, < 4.10.9
• MEDIUM5.4CVE-2020-9311Silverstripe CMS XSS Vulnerability
  >= 3.0.0, < 3.7.5
• MEDIUM5.3CVE-2020-6165Silverstripe has Incorrect Default Permissions
  >= 3.2.0, < 3.2.4, >= 3.2.5, < 3.3.0, >= 4.5.0, < 4.5.3
• MEDIUM5.3CVE-2020-26138FormField with square brackets in field name skips validation
  from 0, < 4.6.0 | >= 4.6.0-rc1, <= 4.6.0-rc1
• MEDIUM4.8CVE-2020-25817SilverStripe XXE Vulnerability in CSSContentParser
  from 0, < 4.6.0 | >= 4.6.0-rc1, <= 4.6.0-rc1
• MEDIUM4.3CVE-2021-28661SilverStripe GraphQL Server permission checker not inherited by query subclass.
  >= 3.0.0, < 3.4.1