Is tcg/voyager safe to use?

tcg/voyager has 4 known vulnerabilities on the latest version (v1.8.0). DepScope rates its health at 0/100 (critical risk).

What is the latest version of tcg/voyager?

The latest version of tcg/voyager is v1.8.0, released 2024-09-24.

Does tcg/voyager have known vulnerabilities?

Yes. tcg/voyager has 4 known vulnerabilities. See depscope.dev/pkg/composer/tcg/voyager for details.

Is tcg/voyager deprecated?

Yes, tcg/voyager is deprecated.

What are alternatives to tcg/voyager?

DepScope has no curated alternatives for tcg/voyager at this time.

What license does tcg/voyager use?

tcg/voyager is licensed under MIT.

tcg/voyager

composervv1.8.0deprecated

A Laravel Admin Package for The Control Group to make your life easier and steer your project in the right direction

License MITpermissive43 versions1 maintainers7 deps

thedevdojo/voyager

/ 100

Health

do not use

tcg/voyager has critical vulnerabilities — do not use

Moderate health score (0/100) — verify manually
1 high severity vulnerabilities
Package is deprecated
1 critical vulnerabilities

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

8/25

security

12/15

maturity

0/15

community

Vulnerabilities

1 critical1 high1 medium1 low

Advisories (4)

Severity	ID	Summary	Fixed in
medium	CVE-2024-55417	DevDojo Voyager Arbitrary File Write	—
high	CVE-2024-55415	DevDojo Voyager vulnerable to path traversal	—
low	CVE-2024-55416	DevDojo Voyager vulnerable to reflected Cross-site Scripting	—
critical	CVE-2025-32931	DevDojo Voyager Argument Injection vulnerability	—

Threat intelligence

1 likely exploited (EPSS ≥ 0.5)

Threat tier per vulnerability derived from CISA KEV catalog + FIRST.org EPSS scores.

Maintainer trust

Active maintainers (3m)

1

Contributors (12m)

0

Primary author dominance

0%

GitHub stars

11,819

single active maintainer 3marchived repo

Health History

Dependency Tree

License Audit

Dependencies (7)

php illuminate/support intervention/image laravel/ui arrilot/laravel-widgets league/flysystem ext-json

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/composer/tcg/voyager

Last updated · 2024-09-24T16:51:41+00:00