pkg:composer/sylius/resource-bundle
Type
composer
Namespace
sylius
Name
resource-bundle
Known advisories, vulnerabilities and fixes for resource-bundle package.
High
2
Medium
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 1.1.0, < 1.2.0 >= 1.3.0, < 1.3.14 >= 1.6.0, < 1.6.4 >= 1.4.0, < 1.4.7 >= 1.5.0, < 1.5.2 >= 1.0.0, < 1.1.0 >= 1.2.0, < 1.3.0 |
CVE-2020-15143
|
PHP:SYLIUS-RESOURCE-BUNDLE-2020-15143 | Remote Code Execution in ParametersParser while using request parameters inside expression language | high |
2020-08-18T09:05:00
(4 years ago) |
|
Affected | >= 1.2.0, < 1.3.0 >= 1.5.0, < 1.5.2 >= 1.0.0, < 1.1.0 >= 1.4.0, < 1.4.7 >= 1.3.0, < 1.3.14 >= 1.6.0, < 1.6.4 >= 1.1.0, < 1.2.0 |
CVE-2020-15146
|
PHP:SYLIUS-RESOURCE-BUNDLE-2020-15146 | Remote Code Execution in OptionsParser while using request parameters inside expression language | high |
2020-08-18T09:05:00
(4 years ago) |
|
Affected | >= 1.3.0, < 1.3.13 >= 1.6.0, < 1.6.3 >= 1.1.0, < 1.2.0 >= 1.4.0, < 1.4.6 >= 1.5.0, < 1.5.1 >= 1.2.0, < 1.3.0 >= 1.0.0, < 1.1.0 |
CVE-2020-5220
|
PHP:SYLIUS-RESOURCE-BUNDLE-2020-5220 | Ability to define unintended serialisation groups via HTTP header which might lead to data exposure | medium |
2020-01-27T13:54:00
(4 years ago) |