filament/tables Security Advisories (4)
-
[MEDIUM] Filament: Unvalidated ImageColumn and ImageEntry values can be used for XSS
PKSA-qx8b-yc1b-44yc CVE-2026-48167 GHSA-3fc8-8hp6-6jr4
Affected version: >=5.0.0,<=5.6.4|>=4.0.0,<=4.11.4
Reported by:
GitHub -
[MEDIUM] Filament has inconsistent scope enforcement for its AttachAction and AssociateAction Select fields
PKSA-w941-zhwq-2wbm CVE-2026-48067 GHSA-7q3w-xqjw-g3cr
Affected version: >=3.0.0,<=3.3.50
Reported by:
GitHub -
[HIGH] Filament Unvalidated Range and Values summarizer values can be used for XSS
PKSA-5bdf-2x61-v43c CVE-2026-33080 GHSA-vv3x-j2x5-36jc
Affected version: >=5.0.0,<5.3.5|>=4.0.0,<4.8.5
Reported by:
GitHub -
[MEDIUM] Filament has unvalidated ColorColumn and ColorEntry values that can be used for Cross-site Scripting
PKSA-2xmv-8f99-rg33 CVE-2024-47186 GHSA-9h9q-qhxg-89xr
Affected version: >=3.0.0,<3.2.115
Reported by:
GitHub