IP and Protocol Spoofing Affecting silverstripe/framework package, versions <3.1.17 >=3.2.0, <3.2.2 >=3.3-alpha, <3.3.0
Snyk CVSS
Attack Complexity
Low
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PHP-SILVERSTRIPEFRAMEWORK-70157
- published 18 Feb 2016
- disclosed 18 Feb 2016
- credit Unknown
How to fix?
Upgrade silverstripe/framework
to version 3.3.0, 3.1.17, 3.2.2 or higher.
Overview
Affected versions of silverstripe/framework
are vulnerable to SS-2016-003: Hostname, IP and Protocol Spoofing through HTTP Headers.