Vulnerability DatabaseWS-2023-0085
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2023-0085
Published:May 20, 2026
Updated:May 20, 2026
pixelfed ≤ 0.11.4 is affected by HTML injection and Potential Cross Site Scripting vulnerability.
Affected Packages
pixelfed/pixelfed (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/staging/laravel-echo-1.15.0 <dev-dependabot/npm_and_yarn/staging/sass-1.56.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/staging/sass-1.56.2
humbug/php-scoper (PHP):
Affected version(s) >=dev-dependabot/composer/composer-root-version-checker/dependencies-342d1a56db <dev-dependabot/composer/composer-root-version-checker/dependencies-2d3ad6384c
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-2d3ad6384c
autotim/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
mikelmi/mk-start (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
humbug/php-scoper (PHP):
Affected version(s) =dev-dependabot/composer/composer-root-version-checker/dependencies-07a8491472 <dev-dependabot/composer/composer-root-version-checker/dependencies-2b405fcbe3
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-2b405fcbe3
humbug/php-scoper (PHP):
Affected version(s) >=dev-dependabot/composer/composer-root-version-checker/dependencies-b73f115d10 <dev-dependabot/composer/composer-root-version-checker/dependencies-e6a24d81a0
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-e6a24d81a0
ricadesign/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
galaxywork/laravel (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
jjsquady/laravel-tenancy (PHP):
Affected version(s) >=dev-master <=0.1
Fix Suggestion:
Update to version no_fix
sethsandaru/laravel-hmvc-sample (PHP):
Affected version(s) >=dev-master <v2.x-dev
Fix Suggestion:
Update to version v2.x-dev
folklore/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
widdy/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
langleyfoxall/laravel-boilerplate (PHP):
Affected version(s) =dev-shift <dev-dependabot/npm_and_yarn/axios-0.21.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/axios-0.21.1
dentro/nge.noob (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
datadog/dd-trace (PHP):
Affected version(s) >=0.3.0 <0.4.0
Fix Suggestion:
Update to version 0.4.0
adenvt/laravel-coreui-vue (PHP):
Affected version(s) >=0.2.0 <0.3.1
Fix Suggestion:
Update to version 0.3.1
rolfhaug/laravel-model-settings (PHP):
Affected version(s) >=v0.0.1 <=v0.0.2
Fix Suggestion:
Update to version no_fix
prakash/poudel (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
onurure/todo (PHP):
Affected version(s) >=dev-master <=1.1.3
Fix Suggestion:
Update to version no_fix
digital/clocks (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
wuhaohui/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
notwhite-bridge/mytest (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
swisnl/game-of-tests-laravel-demo (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/elliptic-6.5.3 <dev-dependabot/composer/guzzlehttp/guzzle-6.5.6
Fix Suggestion:
Update to version dev-dependabot/composer/guzzlehttp/guzzle-6.5.6
ymonkey/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
coddare/laravel-modules-skeleton (PHP):
Affected version(s) >=dev-master <=v5.6
Fix Suggestion:
Update to version no_fix
yannoff/laravel (PHP):
Affected version(s) =v5.6.12 <v5.6.21
Fix Suggestion:
Update to version v5.6.21
thinktomorrow/project-skeleton (PHP):
Affected version(s) >=0.0.1 <0.0.5
Fix Suggestion:
Update to version 0.0.5
brnbio/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
wbswjc/laravel (PHP):
Affected version(s) >=v5.6.7 <=v5.6.21.1
Fix Suggestion:
Update to version no_fix
alexkb/laravel-docker (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
humbug/php-scoper (PHP):
Affected version(s) =dev-dependabot/github_actions/dot-github/workflows/dependencies-533f70582a <dev-dependabot/github_actions/dot-github/workflows/dependencies-45154b2adb
Fix Suggestion:
Update to version dev-dependabot/github_actions/dot-github/workflows/dependencies-45154b2adb
anluizmm/laravel-admin-skeleton (PHP):
Affected version(s) =v2.0.0
Fix Suggestion:
Update to version no_fix
wuhaohui/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
trungtnm/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
pixelfed/pixelfed (PHP):
Affected version(s) =dev-dependabot/composer/react/http-1.7.0 <dev-dependabot/npm_and_yarn/follow-redirects-1.14.8
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/follow-redirects-1.14.8
plexi/light-obfuscator (PHP):
Affected version(s) >=dev-master <=v1.2.0
Fix Suggestion:
Update to version no_fix
plexi/php-obfuscator (PHP):
Affected version(s) >=v0.0.1 <v2.0.0
Fix Suggestion:
Update to version v2.0.0
digbang/laravel-project (PHP):
Affected version(s) =5.6.x-dev <dev-5.6_digbangs-way
Fix Suggestion:
Update to version dev-5.6_digbangs-way
ricadesign/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
plexi/artisan-obfuscator (PHP):
Affected version(s) =dev-master <v1.0.0
Fix Suggestion:
Update to version v1.0.0
zaxx44a/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
ziqing/ddd (PHP):
Affected version(s) >=0.0.1 <0.1.2
Fix Suggestion:
Update to version 0.1.2
plexi/artisan-obfuscator (PHP):
Affected version(s) >=v1.1.0 <=v1.2.0
Fix Suggestion:
Update to version no_fix
bonsai/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
watish/watishweb (PHP):
Affected version(s) >=dev-master <=v1.1.7
Fix Suggestion:
Update to version no_fix
sdleiw/bitracker-demo (PHP):
Affected version(s) >=dev-master <=v0.1
Fix Suggestion:
Update to version no_fix
dentro/nge.noob (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
pixelfed/pixelfed (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/axios-0.21.1 <dev-dependabot/npm_and_yarn/axios-0.21.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/axios-0.21.2
laravelfy/laravel (PHP):
Affected version(s) >=v5.6.7 <=v5.6.21
Fix Suggestion:
Update to version no_fix
casulo/calculator (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
gumkle/laravel_api_template (PHP):
Affected version(s) =dev-master <v1.0
Fix Suggestion:
Update to version v1.0
morenorafael/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
trungtnm/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
ask664/dd-trace-for-tracing (PHP):
Affected version(s) =dev-add_docker_for_php_5_4
Fix Suggestion:
Update to version no_fix
shyamsasit/laravelblog5.6 (PHP):
Affected version(s) =1.0.0
Fix Suggestion:
Update to version no_fix
shridharkaushik29/laravel-angular (PHP):
Affected version(s) =dev-develop <dev-master
Fix Suggestion:
Update to version dev-master
fullstackmx/laravue-notes (PHP):
Affected version(s) =dev-master <v1.0.0
Fix Suggestion:
Update to version v1.0.0
widdy/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
mmockelyn/laravel (PHP):
Affected version(s) >=v5.6.7 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
humbug/php-scoper (PHP):
Affected version(s) =dev-dependabot/composer/composer-root-version-checker/dependencies-4525034868 <dev-dependabot/composer/composer-root-version-checker/dependencies-8ea33bfd18
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-8ea33bfd18
arno-birchler/laravel-gitlab-ci (PHP):
Affected version(s) >=dev-master <=v1.0-stable
Fix Suggestion:
Update to version no_fix
chrsm/prayerletters (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
rubenarakelyan/zomato-api-php (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
aquaswim/laravel-with-voyager (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
rubenarakelyan/laravel-session-files-to-redis (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
simplecom/appmaker (PHP):
Affected version(s) =dev-master <1.0.0
Fix Suggestion:
Update to version 1.0.0
phpsandbox/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
humbug/php-scoper (PHP):
Affected version(s) >=dev-dependabot/composer/composer-root-version-checker/dependencies-c0ad9e6ffe <dev-dependabot/composer/composer-root-version-checker/dependencies-2996775a8f
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-2996775a8f
bowero/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
humbug/php-scoper (PHP):
Affected version(s) >=0.9.0 <0.18.5
Fix Suggestion:
Update to version 0.18.5
healthengine/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
opengis/laravel-geoserver (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
auto-site-generator/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
laraish/laraish (PHP):
Affected version(s) =v4.0.0 <dev-dependabot/npm_and_yarn/vite-4.5.2
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/vite-4.5.2
dark-black/laravel (PHP):
Affected version(s) >=dev-Lawrence2 <dev-mgodby42
Fix Suggestion:
Update to version dev-mgodby42
humbug/php-scoper (PHP):
Affected version(s) >=dev-dependabot/composer/composer-root-version-checker/dependencies-3ae2237ad1 <dev-theofidry-patch-1
Fix Suggestion:
Update to version dev-theofidry-patch-1
dark-black/laravel (PHP):
Affected version(s) =dev-Anthony <dev-Master-Dev
Fix Suggestion:
Update to version dev-Master-Dev
pixelfed/pixelfed (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/minimist-1.2.6 <dev-dependabot/npm_and_yarn/loader-utils-1.4.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/loader-utils-1.4.1
swisnl/game-of-tests-laravel-demo (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/follow-redirects-1.14.8 <2.0.0
Fix Suggestion:
Update to version 2.0.0
ceddyg/clara (PHP):
Affected version(s) >=2.1.1 <2.1.6
Fix Suggestion:
Update to version 2.1.6
bluzelle/bluzelle-php (PHP):
Affected version(s) >=v0.1.5 <=v1.0
Fix Suggestion:
Update to version no_fix
shridharkaushik29/localhost-file-manager (PHP):
Affected version(s) =1.0.0
Fix Suggestion:
Update to version no_fix
humbug/php-scoper (PHP):
Affected version(s) >=0.18.9 <dev-dependabot/composer/composer-root-version-checker/dependencies-259103ce51
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-259103ce51
conversoft/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
humbug/php-scoper (PHP):
Affected version(s) =dev-dependabot/composer/composer-root-version-checker/dependencies-fdd6438dec <dev-dependabot/composer/composer-root-version-checker/dependencies-e8e009b81c
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-e8e009b81c
yozh/test-newsblog (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
pixelfed/pixelfed (PHP):
Affected version(s) >=dev-pwa-manifest <v0.8.0
Fix Suggestion:
Update to version v0.8.0
tahaghafuri/laravel-fix (PHP):
Affected version(s) >=v5.6.7 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
humbug/php-scoper (PHP):
Affected version(s) =dev-dependabot/composer/composer-root-version-checker/dependencies-91841802b4 <dev-dependabot/github_actions/dot-github/workflows/dependencies-3e83326924
Fix Suggestion:
Update to version dev-dependabot/github_actions/dot-github/workflows/dependencies-3e83326924
adenvt/laravel-coreui-vue (PHP):
Affected version(s) =1.0.0-rc.1 <1.0.0-rc.2
Fix Suggestion:
Update to version 1.0.0-rc.2
laravel/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
bowero/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
jefhar/laravel-domain-oriented (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
brnbio/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
drnkwati/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
pixelfed/pixelfed (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/staging/caniuse-lite-1.0.30001449 <dev-dependabot/npm_and_yarn/staging/caniuse-lite-1.0.30001439
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/staging/caniuse-lite-1.0.30001439
dervisgroup/ignite-platform (PHP):
Affected version(s) =1.1.0-beta1
Fix Suggestion:
Update to version no_fix
pixelfed/pixelfed (PHP):
Affected version(s) >=dev-dependabot/composer/staging/laravel/framework-9.45.1 <dev-dependabot/npm_and_yarn/filesize-10.0.5
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/filesize-10.0.5
laravel/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
ac-developers/chalkboard (PHP):
Affected version(s) >=v0.1.0 <=v0.1.3
Fix Suggestion:
Update to version no_fix
casulo/anger (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
morenorafael/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
payra/platform (PHP):
Affected version(s) >=dev-master <=v0.0.1
Fix Suggestion:
Update to version no_fix
tjventurini/laravel-blueprint (PHP):
Affected version(s) =5.6.x-dev <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
grikomsn/laravel (PHP):
Affected version(s) =v5.6
Fix Suggestion:
Update to version no_fix
langleyfoxall/laravel-boilerplate (PHP):
Affected version(s) =v1.0.0 <v1.1.0
Fix Suggestion:
Update to version v1.1.0
casulo/fury (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
zaxx44a/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
laravel/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
strikersfran/ffzero1 (PHP):
Affected version(s) >=dev-master <=0.0.1
Fix Suggestion:
Update to version no_fix
saperx/light-obfuscator (PHP):
Affected version(s) >=dev-master <=v1.2.1
Fix Suggestion:
Update to version no_fix
swisnl/game-of-tests-laravel-demo (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/bootstrap-sass-3.4.1 <dev-laravel-5.4
Fix Suggestion:
Update to version dev-laravel-5.4
aidanraskil/larai (PHP):
Affected version(s) >=dev-aidanraskil-patch-1 <dev-aidanraskil-patch-2
Fix Suggestion:
Update to version dev-aidanraskil-patch-2
ceddyg/clara (PHP):
Affected version(s) =2.0.0 <2.1.0
Fix Suggestion:
Update to version 2.1.0
jefhar/laravel-domain-oriented (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
houdunwang/hdcms (PHP):
Affected version(s) =v1.0.10 <dev-dependabot/npm_and_yarn/Modules/Article/eventsource-1.1.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/Modules/Article/eventsource-1.1.1
ymonkey/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
pixelfed/pixelfed (PHP):
Affected version(s) =dev-dependabot/composer/staging/phpunit/phpunit-9.5.28 <dev-dependabot/composer/staging/laravel/framework-9.43.0
Fix Suggestion:
Update to version dev-dependabot/composer/staging/laravel/framework-9.43.0
bluzelle/bluzelle-php (PHP):
Affected version(s) >=dev-master <v0.1.1
Fix Suggestion:
Update to version v0.1.1
starpeace-project/starpeace-laravel-controller (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
demopackage/naveed (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
razu/calculator (PHP):
Affected version(s) =dev-master <v1.0.0
Fix Suggestion:
Update to version v1.0.0
arbory/project (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
ddvphp/laravel (PHP):
Affected version(s) >=dev-ddv-restful-api <v5.4.21
Fix Suggestion:
Update to version v5.4.21
scriptburn/googlespeech (PHP):
Affected version(s) >=dev-master <=1.0.3
Fix Suggestion:
Update to version no_fix
datadog/dd-trace (PHP):
Affected version(s) =0.4.1 <0.4.2
Fix Suggestion:
Update to version 0.4.2
morenorafael/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
loopbytes/web-template (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
np21/laravel (PHP):
Affected version(s) >=dev-develop <dev-dependabot/npm_and_yarn/axios-0.21.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/axios-0.21.0
humbug/php-scoper (PHP):
Affected version(s) =dev-dependabot/composer/composer-root-version-checker/dependencies-21a977aa5c <dev-dependabot/composer/composer-root-version-checker/dependencies-eec54bd7ad
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-eec54bd7ad
rroycedev/rroyce-assetmgr (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pixelfed/pixelfed (PHP):
Affected version(s) >=dev-dependabot/composer/staging/pbmedia/laravel-ffmpeg-8.2.2 <dev-dependabot/composer/laravel/framework-8.40.0
Fix Suggestion:
Update to version dev-dependabot/composer/laravel/framework-8.40.0
ddvphp/laravel (PHP):
Affected version(s) =v5.6.12
Fix Suggestion:
Update to version no_fix
larvelcode/panel (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
bonsai/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
widdy/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
congraph/cms (PHP):
Affected version(s) =dev-develop <dev-master
Fix Suggestion:
Update to version dev-master
myckhel/laravel-example-template (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
yozh/test-newsblog (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
pixelfed/pixelfed (PHP):
Affected version(s) =dev-dependabot/composer/lcobucci/jwt-3.4.6 <dev-dependabot/composer/doctrine/dbal-3.5.1
Fix Suggestion:
Update to version dev-dependabot/composer/doctrine/dbal-3.5.1
phpsandbox/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
mraiur/sleep-logger (PHP):
Affected version(s) =dev-laravel <dev-master
Fix Suggestion:
Update to version dev-master
teelevision/redaxo5-laravel (PHP):
Affected version(s) =5.6.x-dev
Fix Suggestion:
Update to version no_fix
pixelfed/pixelfed (PHP):
Affected version(s) >=v0.8.5 <v0.10.1
Fix Suggestion:
Update to version v0.10.1
rubenarakelyan/zomato-api-php (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
humbug/php-scoper (PHP):
Affected version(s) =dev-dependabot/composer/fixtures/set021-composer-1/composer/composer-1.10.22 <dev-dependabot/composer/fixtures/set021-composer-1/composer/composer-1.10.23
Fix Suggestion:
Update to version dev-dependabot/composer/fixtures/set021-composer-1/composer/composer-1.10.23
enta/calculator (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
aquaswim/laravel-with-voyager (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
myckhel/laravel-example-template (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
mrynk/groundwork (PHP):
Affected version(s) >=1.0.0 <1.0.7
Fix Suggestion:
Update to version 1.0.7
clevercanyon/php-scoper (PHP):
Affected version(s) >=0.9.0 <=1.0.0
Fix Suggestion:
Update to version no_fix
adminarchitect/demoapp (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
laraviet/platform (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
autotim/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
eskindir/calculator (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
stimpack-io/stimpack (PHP):
Affected version(s) >=0.1.2 <=0.1.6
Fix Suggestion:
Update to version no_fix
humbug/php-scoper (PHP):
Affected version(s) =dev-dependabot/composer/composer-root-version-checker/dependencies-3779059542 <dev-dependabot/composer/composer-root-version-checker/dependencies-60fa890602
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-60fa890602
the-php-swarm/bluphant (PHP):
Affected version(s) =v0.1.5
Fix Suggestion:
Update to version no_fix
pixelfed/pixelfed (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/staging/jquery-3.6.3 <dev-dependabot/npm_and_yarn/infinite-scroll-4.0.1
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/infinite-scroll-4.0.1
mdalaminbey/php-scoper (PHP):
Affected version(s) >=dev-dev/alamin <0.1.0
Fix Suggestion:
Update to version 0.1.0
plesk/php-scoper (PHP):
Affected version(s) =dev-master <0.1.0
Fix Suggestion:
Update to version 0.1.0
terranc/laravel-project-remplate (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
phpappbuilder/todo (PHP):
Affected version(s) >=dev-master <=0.0.2
Fix Suggestion:
Update to version no_fix
chrsm/prayerletters (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
ask664/dd-trace-for-tracing (PHP):
Affected version(s) >=0.3.0 <0.4.2
Fix Suggestion:
Update to version 0.4.2
ceddyg/clara (PHP):
Affected version(s) =2.1.8 <2.2.0
Fix Suggestion:
Update to version 2.2.0
juanklagos/laravel-init (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
liujun/laravel-api (PHP):
Affected version(s) >=dev-develop <=dev-master
Fix Suggestion:
Update to version no_fix
juanklagos/laravel-init-5.7 (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
swisnl/game-of-tests-laravel-demo (PHP):
Affected version(s) >=dev-dependabot/composer/guzzlehttp/guzzle-6.5.7 <=dev-dependabot/npm_and_yarn/y18n-3.2.2
Fix Suggestion:
Update to version no_fix
pixelfed/pixelfed (PHP):
Affected version(s) >=v0.10.2 <v0.11.5
Fix Suggestion:
Update to version v0.11.5
plesk/php-scoper (PHP):
Affected version(s) >=0.9.0 <=0.15.0
Fix Suggestion:
Update to version no_fix
folklore/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
lv2technologies/laravel (PHP):
Affected version(s) >=v5.6.7 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
jayywalker/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
aquaswim/laravel-with-voyager (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
dentro/nge.noob (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
jefhar/laravel-domain-oriented (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
vodea/vodeacore (PHP):
Affected version(s) >=dev-master <=2.0.13
Fix Suggestion:
Update to version no_fix
alexkb/laravel-docker (PHP):
Affected version(s) >=v5.6.7 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
laraviet/l56_starter_kit (PHP):
Affected version(s) >=dev-master <=1.0.1
Fix Suggestion:
Update to version no_fix
pixelfed/pixelfed (PHP):
Affected version(s) >=dev-dependabot/composer/staging/laravel/horizon-5.13.0 <dev-dependabot/npm_and_yarn/node-sass-7.0.0
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/node-sass-7.0.0
autotim/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
bishopm/bookclub (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
pixelfed/pixelfed (PHP):
Affected version(s) >=dev-dependabot/composer/phpseclib/phpseclib-2.0.31 <dev-dependabot/composer/fruitcake/laravel-cors-3.0.0
Fix Suggestion:
Update to version dev-dependabot/composer/fruitcake/laravel-cors-3.0.0
trungtnm/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
saperx/artisan-obfuscator (PHP):
Affected version(s) >=v1.1.0 <=v1.2.1
Fix Suggestion:
Update to version no_fix
mdalaminbey/php-scoper (PHP):
Affected version(s) >=0.9.0 <=0.18.2
Fix Suggestion:
Update to version no_fix
wuhaohui/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
gamelena/tangerine (PHP):
Affected version(s) =dev-feature/laravel <dev-feature/standalone
Fix Suggestion:
Update to version dev-feature/standalone
ymonkey/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
lanzhi/laravel-ddd (PHP):
Affected version(s) >=0.0.1 <0.1
Fix Suggestion:
Update to version 0.1
fesal/cms_base_voila (PHP):
Affected version(s) >=dev-master <=1.0
Fix Suggestion:
Update to version no_fix
flooris/flooris-laravel (PHP):
Affected version(s) =dev-master <v1.0.0
Fix Suggestion:
Update to version v1.0.0
dark-black/laravel (PHP):
Affected version(s) >=dev-Mgodby(⌐■_■) <dev-master
Fix Suggestion:
Update to version dev-master
flooris/flooris-laravel (PHP):
Affected version(s) >=dev-laravel-5.6 <=v5.7.0
Fix Suggestion:
Update to version no_fix
adenvt/laravel-coreui-vue (PHP):
Affected version(s) =0.1.0 <dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4
Fix Suggestion:
Update to version dev-dependabot/npm_and_yarn/websocket-extensions-0.1.4
zaxx44a/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
opengis/laravel-geoserver (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
fesal_voila/cms_base_voila (PHP):
Affected version(s) =1.0
Fix Suggestion:
Update to version no_fix
chrsm/prayerletters (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
phpsandbox/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
datadog/dd-trace (PHP):
Affected version(s) =dev-add_docker_for_php_5_4 <dev-labbati/disable-5.4-test
Fix Suggestion:
Update to version dev-labbati/disable-5.4-test
yozh/test-newsblog (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
nbaskoff/beetlecms (PHP):
Affected version(s) >=v5.6.7 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
pixelfed/pixelfed (PHP):
Affected version(s) >=dev-dependabot/npm_and_yarn/staging/hls.js-1.3.1 <dev-groups
Fix Suggestion:
Update to version dev-groups
drnkwati/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
brnbio/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
onsigbaar/onsigbaar (PHP):
Affected version(s) =dev-dev-development <dev-dev-master
Fix Suggestion:
Update to version dev-dev-master
opengis/laravel-geoserver (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
superv/superv-project (PHP):
Affected version(s) =0.3.x-dev <v0.3.0
Fix Suggestion:
Update to version v0.3.0
ricadesign/laravel (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
pixelfed/pixelfed (PHP):
Affected version(s) =dev-dependabot/composer/staging/laravel/telescope-4.10.2 <dev-dependabot/composer/stevebauman/purify-5.0.1
Fix Suggestion:
Update to version dev-dependabot/composer/stevebauman/purify-5.0.1
drnkwati/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
weboosh/webooshcore (PHP):
Affected version(s) >=dev-master <=V1.0.7
Fix Suggestion:
Update to version no_fix
rubenarakelyan/laravel-session-files-to-redis (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
pixelfed-glitch/pixelfed (PHP):
Affected version(s) >=v0.1.9 <v0.11.5
Fix Suggestion:
Update to version v0.11.5
np21/laravel (PHP):
Affected version(s) >=v5.6.7 <dev-dependabot/composer/laravel/framework-5.8.star
Fix Suggestion:
Update to version dev-dependabot/composer/laravel/framework-5.8.star
bowero/laravel (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
folklore/laravel (PHP):
Affected version(s) =5.6.x-dev <v5.6.0
Fix Suggestion:
Update to version v5.6.0
saperx/artisan-obfuscator (PHP):
Affected version(s) =dev-master <v1.0.0
Fix Suggestion:
Update to version v1.0.0
myckhel/laravel-example-template (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
emiltonn/prol1 (PHP):
Affected version(s) =dev-master
Fix Suggestion:
Update to version no_fix
stimpack-io/stimpack (PHP):
Affected version(s) >=dev-GUI-face-lift <0.1.1
Fix Suggestion:
Update to version 0.1.1
rubenarakelyan/laravel-session-files-to-redis (PHP):
Affected version(s) =v5.7.0 <v5.7.13
Fix Suggestion:
Update to version v5.7.13
humbug/php-scoper (PHP):
Affected version(s) >=dev-main <dev-revert-656-feature/e2e-depend-on-unit
Fix Suggestion:
Update to version dev-revert-656-feature/e2e-depend-on-unit
aniqakhan755/adminlte-generator (PHP):
Affected version(s) =5.6.x-dev <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
swisnl/laravel-nova-mirror (PHP):
Affected version(s) =0.1.0 <0.2.0
Fix Suggestion:
Update to version 0.2.0
humbug/php-scoper (PHP):
Affected version(s) =dev-dependabot/composer/composer-root-version-checker/dependencies-2431fc19ac <dev-dependabot/composer/composer-root-version-checker/dependencies-78086badcc
Fix Suggestion:
Update to version dev-dependabot/composer/composer-root-version-checker/dependencies-78086badcc
rubenarakelyan/zomato-api-php (PHP):
Affected version(s) >=v5.6.7 <5.7.x-dev
Fix Suggestion:
Update to version 5.7.x-dev
humbug/php-scoper (PHP):
Affected version(s) >=dev-dependabot/composer/composer-root-version-checker/dependencies-3b704f7376 <dev-dependabot/github_actions/dot-github/workflows/dependencies-bf940bc907
Fix Suggestion:
Update to version dev-dependabot/github_actions/dot-github/workflows/dependencies-bf940bc907
Related Resources (1)
https://github.com/pixelfed/pixelfed/commit/9bbd6dcd2338d2b3e05649240e9e1737687fa59b
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.1
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
LOW
Subsequent System Integrity
LOW
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE