GCVE - cpe:2.3:a:silverstripe:assets:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:silverstripe:assets:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Silverstripe (`fb3ee4e6-70c4-5017-82a7-81441bb33bd1`)
Product	Assets (`426e8ddf-a5e5-5125-842c-16b297531907`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/silverstripe/silverstripe-assets`	purl2cpe	2026-06-01 10:14:20.906688

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-38724`	vulnerable	2026-06-03 14:47:50.127178	Details available Silverstripe silverstripe/framework through 4.11.0, silverstripe/assets through 1.11.0, and silverstripe/asset-admin through 1.11.0 allow XSS. Published: 2022-11-22T00:00:00.000Z Updated: 2025-04-29T04:34:39.080Z Open on db.gcve.eu Reference links https://www.silverstripe.org/download/security-releases/ https://www.silverstripe.org/blog/tag/release https://forum.silverstripe.org/c/releases https://www.silverstripe.org/download/security-releases/CVE-2022-38724	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-29858`	vulnerable	2026-06-03 14:46:59.194472	Details available Silverstripe silverstripe/assets through 1.10 is vulnerable to improper access control that allows protected images to be published by changing an existing image short code on website content. Published: 2022-06-28T21:36:14.000Z Updated: 2024-08-03T06:33:42.927Z Open on db.gcve.eu Reference links https://www.silverstripe.org/download/security-releases/ https://www.silverstripe.org/blog/tag/release https://forum.silverstripe.org/c/releases https://www.silverstripe.org/download/security-releases/cve-2022-29858 https://huntr.dev/bounties/90e17d95-9f2f-44eb-9f26-49fa13a41d5a/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.