joomla/framework
Packagist3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting joomla/frameworkpage 1 of 1
- CVE-2008-3227NONECVSS 0.0EG 0.0✓ Fixed in 1.5.42008-07-18
vulnerable: 1.0 ... 1.1.0 (6 versions)
Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.
- CVE-2008-4104NONECVSS 0.0EG 0.0✓ Fixed in 1.5.72008-09-18
Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL.
- CVE-2018-17856HIGHCVSS 7.2EG 7.2✓ Fixed in 3.8.132018-10-09
An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution.
Check whether joomla/framework is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for joomla/framework CVEs against the assets you own.
Start Free Scan →