EUVD-2022-7004

Malicious code in bioql PyPI...

CVE-2022-39357

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...

GHSA-3FH5-Q6FG-W28Q Prototype pollution in Snowboard framework

Impact The Snowboard framework in affected versions is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. Patches This issue has been patched in https://github.com/wintercms/winter/commit/2a13faf99972e84c9661258f16c4750fa99d29a1 for 1.2 and...

CVE-2022-39357

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...

Use after free

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...

CVE-2022-39357

CVE-2022-39357 affects the Winter CMS Snowboard framework (versions 1.1.8–1.2.0). The vulnerability is prototype pollution in the Snowboard main class and its plugin loader, with Winter 1.0 unaffected. Patched in Winter v1.1.10 and v1.2.1. If not yet upgraded, advisories recommend security practi...

CVE-2022-39357 Winter vulnerable to Prototype Pollution in Snowboard framework

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...

Winter 安全漏洞

Winter is a free, open source, self-hosted CMS platform based on the Laravel PHP framework. A security vulnerability exists in Winter versions 1.1.8, 1.1.9, and 1.2.0, which stems from the Snowboard framework's susceptibility to prototype contamination in Snowboard's main class and its plugin...

CVE-2022-39357 Winter vulnerable to Prototype Pollution in Snowboard framework

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...