Homepage

getgrav/grav vulnerabilities

Licenses: MIT

License

MIT>=0;
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the getgrav/grav package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Cross-site Scripting (XSS)

>=0.0.0
  • H
Improper Authorization

<1.8.0-beta.27
  • H
Improper Neutralization of Special Elements Used in a Template Engine

<1.8.0-beta.27
  • H
Improper Neutralization of Special Elements Used in a Template Engine

<1.8.0-beta.27
  • H
Directory Traversal

<1.8.0-beta.27
  • H
Arbitrary Code Injection

<1.8.0-beta.27
  • H
Arbitrary Code Injection

<1.8.0-beta.27
  • H
Incorrect Privilege Assignment

<1.8.0-beta.27
  • H
Information Exposure

<1.8.0-beta.27
  • M
Directory Traversal

<1.8.0-beta.27
  • M
Uncaught Exception

<1.8.0-beta.27
  • H
Directory Traversal

<1.8.0-beta.27
  • M
Authorization Bypass Through User-Controlled Key

<1.8.0-beta.27
  • M
Denial of Service (DoS)

<1.8.0-beta.27
  • M
Cross-site Scripting (XSS)

>=0.0.0
  • H
Directory Traversal

<1.7.46
  • M
Cross-site Scripting (XSS)

<1.3.0
  • H
Code Injection

<1.7.45
  • H
Code Injection

<1.7.45
  • H
Improper Control of Generation of Code ('Code Injection')

<1.7.45
  • C
Path Traversal

<1.7.45
  • H
Improper Control of Generation of Code ('Code Injection')

<1.7.45
  • H
Arbitrary File Upload

<1.7.43
  • H
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

>=1.7.42.1, <1.7.42.2
  • H
Remote Code Execution (RCE)

<1.7.34
  • H
Improper Input Validation

<1.7.42
  • H
Incomplete List of Disallowed Inputs

<1.7.42
  • C
Arbitrary Code Injection

<1.7.42
  • H
Incomplete List of Disallowed Inputs

<1.7.42
  • C
Code Injection

<1.7.34
  • L
Cross-site Scripting (XSS)

<1.7.33
  • M
Cross-site Scripting (XSS)

<1.7.31
  • M
Cross-site Scripting (XSS)

<1.7.31
  • M
Cross-site Scripting (XSS)

<1.7.28
  • M
Open Redirect

<1.6.23
  • H
Directory Traversal

<1.7.25
  • M
Cross-site Scripting (XSS)

<1.7.24
  • L
Improper Access Control

<1.7.21
  • H
Arbitrary Code Execution

<1.7.11
  • M
Directory Traversal

>=1.7.0-beta.1, <1.7.0-rc.18<1.6.29
  • M
Directory Traversal

>=1.7.0-beta.1, <1.7.0-rc.18<1.6.29
  • M
Cross Site Scripting (XSS)

<1.6.29
  • H
Cross-site Scripting (XSS)

<1.6.30
  • M
Cross-site Scripting (XSS)

>=0.0.0, <1.6.16