-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
Flag Packagist.org package as vulnerable #21
Comments
I may have opened an issue in the wrong repository, is helios-ag/fm-elfinder-php-connector the one that is vulnerable ? Both of them ? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi 馃憢
If I'm not mistaken, this package uses ElFinder < 2.1.58.
These versions are affected by 3 active CVEs : CVE-2021-23394, CVE-2021-32682 & CVE-2023-35840.
I'm aware that this package is deprecated, but could it be possible to flag all its versions as "vulnerable" on Packagist.org please ?
Thank you.
The text was updated successfully, but these errors were encountered: