Information on source package cakephp

Available versions

ReleaseVersion
buster2.10.11-2
bullseye2.10.11-2.1

Open issues

BugbusterbullseyeDescription
CVE-2020-15400vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)CakePHP before 4.0.6 mishandles CSRF token generation. This might be r ...

Resolved issues

BugDescription
TEMP-0832283-698CF7cakephp: XML class SSRF vulnerability
TEMP-0000000-CFFE57cakephp: local file inclusion
CVE-2020-35239A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The Cs ...
CVE-2019-11458An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserial ...
CVE-2016-4793The clientIp function in CakePHP 3.2.4 and earlier allows remote attac ...
CVE-2015-8379CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypas ...
CVE-2012-4399The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 all ...
CVE-2010-4335The _validatePost function in libs/controller/components/security.php ...
CVE-2006-5031Directory traversal vulnerability in app/webroot/js/vendors.php in Cak ...
CVE-2006-4067Cross-site scripting (XSS) vulnerability in cake/libs/error.php in Cak ...

Security announcements

DSA / DLADescription
DLA-835-1cakephp - security update
DLA-566-1cakephp - security update
DLA-333-1cakephp - security update

Search for package or bug name: Reporting problems