ipl/web

Packagist2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting ipl/webpage 1 of 1

CVE-2024-41811LOWCVSS 3.9EG 3.9✓ Fixed in 0.10.1
2024-08-05
vulnerable: v0.1.0 ... v0.9.2 (14 versions)
ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF). All affected products, in any version, will be unaffec…
CVE-2026-42224HIGHCVSS 7.6EG 7.6✓ Fixed in 0.13.1
2026-05-08
vulnerable: 0.11.0 ... v0.9.2 (20 versions)
ipl/web is a set of common web components for php projects. Prior to version 0.13.1, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to vi…

Check whether ipl/web is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for ipl/web CVEs against the assets you own.

Start Free Scan →