Packagist (Composer) package
bytefury/crater
pkg:composer/bytefury/crater
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0372 | — | < 6.0.0 | 6.0.0 | Jan 27, 2022 | Cross-site Scripting (XSS) - Stored in Packagist bytefury/crater prior to 6.0.2. | ||
| CVE-2022-0203 | — | < 6.0.2 | 6.0.2 | Jan 26, 2022 | Improper Access Control in GitHub repository crater-invoice/crater prior to 6.0.2. | ||
| CVE-2022-0242 | — | < 6.0 | 6.0 | Jan 17, 2022 | Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0. | ||
| CVE-2021-4080 | — | < 6.0.0 | 6.0.0 | Jan 12, 2022 | crater is vulnerable to Unrestricted Upload of File with Dangerous Type |
- CVE-2022-0372Jan 27, 2022affected < 6.0.0fixed 6.0.0
Cross-site Scripting (XSS) - Stored in Packagist bytefury/crater prior to 6.0.2.
- CVE-2022-0203Jan 26, 2022affected < 6.0.2fixed 6.0.2
Improper Access Control in GitHub repository crater-invoice/crater prior to 6.0.2.
- CVE-2022-0242Jan 17, 2022affected < 6.0fixed 6.0
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.
- CVE-2021-4080Jan 12, 2022affected < 6.0.0fixed 6.0.0
crater is vulnerable to Unrestricted Upload of File with Dangerous Type