verbb/image-resizer

Packagist2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting verbb/image-resizerpage 1 of 1

CVE-2020-13458HIGHCVSS 8.8EG 8.8✓ Fixed in 2.0.9
2020-05-25
vulnerable: 2.0.0 ... 2.0.8 (9 versions)
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
CVE-2020-13459MEDIUMCVSS 5.4EG 5.4✓ Fixed in 2.0.9
2020-05-25
vulnerable: 2.0.0 ... 2.0.8 (9 versions)
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.

Check whether verbb/image-resizer is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for verbb/image-resizer CVEs against the assets you own.

Start Free Scan →