Packagist (Composer) package
filament/tables
pkg:composer/filament/tables
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-48067 | — | >= 3.0.0, < 3.3.51 | 3.3.51 | Jun 11, 2026 | The `recordSelectOptionsQuery()` method may be used to scope the options available in the `Select` field for `AttachAction` and `AssociateAction`. However, the built-in validation rule for these fields did not apply the same scope. As a result, a user who can trigger these action | ||
| CVE-2026-33080 | — | >= 4.0.0, < 4.8.5 | 4.8.5 | Mar 20, 2026 | Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.8.4 and 5.0.0 through 5.3.4 have two Filament Table summarizers (Range, Values) that render raw database values without escaping HTML. If there is a lack of validation | ||
| CVE-2024-47186 | — | >= 3.0.0, < 3.2.115 | 3.2.115 | Sep 27, 2024 | Filament is a collection of full-stack components for Laravel development. Versions of Filament from v3.0.0 through v3.2.114 are affected by a cross-site scripting (XSS) vulnerability. If values passed to a `ColorColumn` or `ColumnEntry` are not valid and contain a specific set o |
- CVE-2026-48067Jun 11, 2026affected >= 3.0.0, < 3.3.51fixed 3.3.51
The `recordSelectOptionsQuery()` method may be used to scope the options available in the `Select` field for `AttachAction` and `AssociateAction`. However, the built-in validation rule for these fields did not apply the same scope. As a result, a user who can trigger these action
- CVE-2026-33080Mar 20, 2026affected >= 4.0.0, < 4.8.5fixed 4.8.5
Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.8.4 and 5.0.0 through 5.3.4 have two Filament Table summarizers (Range, Values) that render raw database values without escaping HTML. If there is a lack of validation
- CVE-2024-47186Sep 27, 2024affected >= 3.0.0, < 3.2.115fixed 3.2.115
Filament is a collection of full-stack components for Laravel development. Versions of Filament from v3.0.0 through v3.2.114 are affected by a cross-site scripting (XSS) vulnerability. If values passed to a `ColorColumn` or `ColumnEntry` are not valid and contain a specific set o