Security Advisories - PKSA-tfnf-7k34-fpdv - Packagist.org

PKSA-tfnf-7k34-fpdv Security Advisory

[MEDIUM] CVE-2026-24749 - DBFile permission bypass

PKSA-tfnf-7k34-fpdv CVE-2026-24749 GHSA-jgcf-rf45-2f8v

Affected package: silverstripe/assets

Affected version: >=2.0.0,<2.4.5|>=3.0.0,<3.1.3

Reported by:
GitHub, FriendsOfPHP/security-advisories