orchid/platform

Packagist3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting orchid/platformpage 1 of 1

CVE-2020-15263HIGHCVSS 8.0EG 8.0✓ Fixed in 9.4.4
2020-10-19
vulnerable: 9.0.0 ... 9.4.3 (12 versions)
In platform before version 9.4.4, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced in 9.0.0 and fixed in 9.4.4.
CVE-2023-36825CRITICALCVSS 9.6EG 9.6✓ Fixed in 14.5.0
2023-07-11
vulnerable: 14.0.0 ... 14.4.0 (14 versions)
Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards. A vulnerability present starting in version 14.0.0-alpha4 and prior to version 14.5.0 is related to the deseria…
CVE-2024-51992MEDIUMCVSS 4.1EG 4.1✓ Fixed in 14.43.0
2024-11-11
vulnerable: 10.0.0 ... 9.9.2 (258 versions)
Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue (CWE-749: Exposed Dangerous Method or Function) in the…

Check whether orchid/platform is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for orchid/platform CVEs against the assets you own.

Start Free Scan →