Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
H Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')	silverstripe/framework >=4.0.3-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
H URL Redirection to Untrusted Site ('Open Redirect')	silverstripe/framework >=4.0.0-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
M Privilege Escalation	silverstripe/framework >=3.5.7-rc1, <3.5.8 >=3.6.0-rc1, <3.6.6 >=4.0.0-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
M Information Exposure	silverstripe/framework >=4.0.0-rc1, <4.0.1	Composer	28 May 2024
H Missing Encryption of Sensitive Data	silverstripe/framework >=3.5.0-rc1, <3.5.6 >=3.6.0-rc1, <3.6.3 >=4.0.0-rc1, <4.0.1	Composer	28 May 2024
H SQL Injection	silverstripe/framework >=3.5.0-rc1, <3.5.6 >=3.6.0-rc1, <3.6.3 >=4.0.0-rc1, <4.0.1	Composer	28 May 2024
H Session Fixation	silverstripe/framework >=3.5.0-rc1, <3.5.6 >=3.6.0-rc1, <3.6.3	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.4.0-rc1, <3.4.6 >=3.5.0-rc1, <3.5.4	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.4.0-rc1, <3.4.6 >=3.5.0-rc1, <3.5.4	Composer	28 May 2024
M Information Exposure	silverstripe/framework >=3.4.0-rc1, <3.4.6 >=3.5.0-rc1, <3.5.4	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.1.0-rc1, <3.1.21 >=3.2.0-rc1, <3.2.6 >=3.3.0-rc1, <3.3.4 >=3.4.0-rc1, <3.4.2	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.4.0-rc1, <3.4.4 >=3.5.0-rc1, <3.5.2	Composer	28 May 2024
L Insufficient Session Expiration	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Cross-site Scripting (XSS)	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Improper Authentication	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Missing Authorization	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
L Use of a One-Way Hash without a Salt	silverstripe/framework >=3.1.19-rc1, <3.1.20 >=3.2.4-rc1, <3.2.5 >=3.3.2-rc1, <3.3.3 >=3.4.0-rc1, <3.4.1	Composer	28 May 2024
M Improper Input Validation	silverstripe/framework >=4.0.0-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
M Information Exposure	silverstripe/framework >=4.0.0-rc1, <4.0.4 >=4.1.0-rc1, <4.1.1	Composer	28 May 2024
M SQL Injection	github.com/meshery/meshery/server/models <0.7.22	Go	28 May 2024
M SQL Injection	github.com/meshery/meshery/server/handlers <0.7.22	Go	28 May 2024
M SQL Injection	github.com/layer5io/meshery/server/models <0.7.22	Go	28 May 2024
M SQL Injection	github.com/layer5io/meshery/server/handlers <0.7.22	Go	28 May 2024
M SQL Injection	github.com/meshery/meshery/server/models <0.7.22	Go	28 May 2024
M SQL Injection	github.com/meshery/meshery/server/handlers <0.7.22	Go	28 May 2024
M Allocation of Resources Without Limits or Throttling	github.com/stacklok/minder/internal/verifier/sigstore/container <0.0.51	Go	28 May 2024
H Directory Traversal	org.openapitools:openapi-generator-online [,7.6.0)	Maven	28 May 2024
H Allocation of Resources Without Limits or Throttling	rack-contrib <2.5.0	RubyGems	28 May 2024

APPLICATION

OPERATING SYSTEM