pkg:Packagist/flightphp/core

共 5 筆 CVEHIGH3MEDIUM1

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.8CVE-2026-42550Flight vulnerable to SQL Injection via unvalidated identifiers in SimplePdo::insert / update / delete
    from 0, < 3.18.1
  • HIGH7.5CVE-2026-42552Flight vulnerable to sensitive information disclosure via default error handler
    from 0, < 3.18.1
  • HIGH7.5CVE-2026-42551Flight: HTTP method override enabled by default, facilitating CSRF escalation and middleware bypass
    from 0, < 3.18.1
  • MEDIUM4.4CVE-2026-42549Flight has path traversal in `make:controller` CLI that creates arbitrary directories outside project root
    from 0, < 3.18.1
  • CVE-2026-42548Flight has reflected XSS through an unvalidated JSONP callback in Flight::jsonp()
    from 0, < 3.18.1