orchid CVE 脆弱性と CVE 一覧(2)

製品(CPE): — CVE 件数: 2

orchid 脆弱性概要

This page aggregates publicly disclosed CVE and security risk information related to orchid, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

脆弱性分布の推移(直近24か月)

表示中 12 / 2 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2023-36825 Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards. A vulnerability present starting in version 14.0.0-alpha4 and prior to version 14.5.0 is related to the deserialization of untrusted data from the `_state` query parameter, which can result in remote code execution. The issue has been addressed in version 14.5.0. Users are advised to upgrade their software to this version or any subsequent versions that include the patc [email protected] 9.6 0.95% 2023-07-11 2026-06-17
CVE-2020-15263 In platform before version 9.4.4, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced in 9.0.0 and fixed in 9.4.4. [email protected] 8.0 0.74% 2020-10-19 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence