CVE-2022-0227

Description

SilverStripe Framework prior to version 4.10.1 is vulnerable to business logic errors.

How to fix CVE-2022-0227

To remediate CVE-2022-0227, upgrade the affected package to a fixed version below.

• Packagist/silverstripe/framework—upgrade to 4.10.1 or later

Is CVE-2022-0227 being exploited?

No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2022-0227.

Affected packages (1)

• from 0, < 4.10.1

CVSS scores

References (4)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-0227
• PATCHgithub.com/silverstripe/silverstripe-framework
• WEBgithub.com/silverstripe/silverstripe-framework/commit/cbf2987a616e9ef4d7eccae5d763ef2179bdbcc2
• WEBhuntr.dev/bounties/35631e3a-f4b9-41ad-857c-7e3021932a72