GHSA-32m2-9f76-4gv8

Опубликовано: 06 фев. 2022

Источник: github

Github: Прошло ревью

CVSS3: 4.3

Описание

Business Logic Errors in SilverStripe Framework

SilverStripe Framework prior to version 4.10.1 is vulnerable to business logic errors.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2022-0227
https://github.com/silverstripe/silverstripe-framework/commit/cbf2987a616e9ef4d7eccae5d763ef2179bdbcc2
https://huntr.dev/bounties/35631e3a-f4b9-41ad-857c-7e3021932a72

Пакеты

Наименование

silverstripe/framework

composer

Затронутые версииВерсия исправления

< 4.10.1

4.10.1

4.3 Medium

CVSS3

CVE ID

CVE-2022-0227

Связанные уязвимости

CVE-2022-0227

nvd

около 4 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage

4.3 Medium

CVSS3

CVE ID

CVE-2022-0227