CVE-2022-46157

Source
https://cve.org/CVERecord?id=CVE-2022-46157
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-46157.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-46157
Aliases
Published
2022-12-09T20:14:33.460Z
Modified
2026-04-02T08:30:17.269392Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Remote PHP code execution in Akeneo PIM
Details

Akeneo PIM is an open source Product Information Management (PIM) system. Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allow remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition releases after the aforementioned versions provide a patched Apache HTTP server configuration file, for the docker setup and in the documentation sample, to fix this vulnerability. Community Edition users must change their Apache HTTP server configuration accordingly to be protected. The patch for Cloud Based Akeneo PIM Services customers has been applied since 30th October 2022. Users are advised to upgrade. Users unable to upgrade may replace any reference to <FilesMatch \.php$> in their Apache httpd configurations with: <Location "/index.php">.
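
The workaround above can be checked mechanically. The following is an added example, not code from Akeneo or from this record: a small audit that flags active <FilesMatch \.php$> sections (which apply to every file whose name matches) and notes whether a <Location "/index.php"> section (which applies to that one URL path) is present. The sample configurations, paths and the SetHandler value are constructed for illustration, and only the \.php$ pattern named in the advisory is detected.

```python
import re

# Opening tag of a FilesMatch section whose pattern ends in \.php$ (quoted or not).
FILESMATCH_PHP = re.compile(r'^\s*<FilesMatch\s+"?([^">]*\\\.php\$)"?\s*>', re.I)
# Opening tag of the replacement section named in the advisory.
LOCATION_INDEX = re.compile(r'^\s*<Location\s+"?/index\.php"?\s*>', re.I)

def audit_apache_config(text):
    """Return ([(line_number, line)], has_location_index) for one config text."""
    findings, has_location = [], False
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):   # commented-out directives are inactive
            continue
        if FILESMATCH_PHP.match(line):
            findings.append((lineno, line.strip()))
        elif LOCATION_INDEX.match(line):
            has_location = True
    return findings, has_location

def verdict(text):
    """Summarise a config as one of three labels (labels are this example's own)."""
    findings, has_location = audit_apache_config(text)
    if findings:
        return "vulnerable-pattern"
    return "patched-pattern" if has_location else "no-php-handler-found"

# Constructed sample: handler bound to any file name ending in .php.
VULNERABLE_SAMPLE = r"""<VirtualHost *:80>
    DocumentRoot /srv/pim/public
    <FilesMatch \.php$>
        SetHandler "proxy:fcgi://fpm:9000"
    </FilesMatch>
</VirtualHost>
"""

# Constructed sample: handler bound to the front controller only.
PATCHED_SAMPLE = r"""<VirtualHost *:80>
    DocumentRoot /srv/pim/public
    # <FilesMatch \.php$>   (old section, left as a comment)
    <Location "/index.php">
        SetHandler "proxy:fcgi://fpm:9000"
    </Location>
</VirtualHost>
"""

if __name__ == "__main__":
    for name, cfg in (("vulnerable", VULNERABLE_SAMPLE), ("patched", PATCHED_SAMPLE)):
        print(name, verdict(cfg), audit_apache_config(cfg)[0])
```

When applying the replacement by hand, the matching closing tag of each flagged section has to change from </FilesMatch> to </Location> as well, and the configuration should be validated before the server is reloaded.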

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/46xxx/CVE-2022-46157.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-94"
    ]
}
References

Affected packages

Git / github.com/akeneo/pim-community-dev

Affected ranges

Type
GIT
Repo
https://github.com/akeneo/pim-community-dev
Events
Database specific
{
    "versions": [
        {
            "introduced": "6.0.0"
        },
        {
            "fixed": "6.0.53"
        }
    ]
}
Type
GIT
Repo
https://github.com/akeneo/pim-community-dev
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.0.119"
        }
    ]
}

Affected versions

1.*
1.3.30
Other
2026-0
2026-1
2026-2
RC-v20230418073705
RC-v20230509082034
v20230412113742
v20230413013743
v20230414013821
v20230417013744
v20230417113750
v20230417123237
v20230418013746
v20230418150047
v20230419013749
v20230419094756
v20230419113745
v20230419155806
v20230420013749
v20230420134335
v20230421113749
v20230421145120
v20230422065420
v20230423181603
v20230424095936
v20230425013745
v20230425113759
v20230426013748
v20230426075104
v20230426113800
v20230427113756
v20230428013748
v20230502013747
v20230503013756
v20230503121720
v20230504013756
v20230504103747
v20230504145956
v20230505013751
v20230505103757
v20230508013750
v20230508103752
v20230509013747
v20230509103822
v20230510013750
v20230510081338
v20230510082905
v20230510130747
v20230511013752
v20230511135650
v20230512121649
v20230515013748
v20230515103747
v20230515143309
v20230516013808
v20230517101200
v20230517103809
v20230517140351
v20230518013751
v20230518103754
v20230519103743
v20230522013754
v20230522103801
v20230524100713
v20230524103750
v20230524152101
v20230525013753
v20230525155706
v20230526013753
v20230526103753
v20230526115242
v20230526131819
v20230529013756
v20230529081912
v20230529103748
v20230530013829
v20230530084303
v20230531013814
v20230531125822
v20230601104036
v20230602013748
v20230602091753
v20230602103749
v20230605013746
v20230605135831
v20230606130607
v20230607105457
v20230607123824
v20230609013752
v20230612013807
v20230612082848
v20230612140321
v20230613013813
v20230613072456
v20230613094014
v20230613103747
v20230614141634
v20230615133750
v20230616013801
v20230616103756
v20230619102133
v20230620103749
v20230622013750
v20230622103947
v20230627013752
v20230628143422
v20230629144425
v20230630013752
v20230630103755
v20230703082159
v20230703103746
v20230703134153
v20230704013828
v20230705103752
v20230706103754
v20230710013754
v20230710103812
v20230711013749
v20230711103813
v20230712013754
v20230712103751
v20230713013750
v20230714013751
v20230714103751
v20230717013755
v20230717103751
v20230718013751
v20230718103751
v20230718133008
v20230719013757
v20230720013753
v20230721013756
v20230721103745
v20230724130300
v20230725092017
v20230728071241
v1.*
v1.0.0
v1.0.0-ALPHA1
v1.0.0-ALPHA2
v1.0.0-ALPHA3
v1.0.0-ALPHA4
v1.0.0-BETA1
v1.0.0-BETA2
v1.0.0-BETA2-sprint24
v1.0.0-BETA2-sprint25
v1.0.0-BETA3
v1.0.0-BETA3-sprint27
v1.0.0-BETA3-sprint28
v1.0.0-BETA4
v1.0.0-BETA4-sprint30
v1.0.0-RC1
v1.0.0-RC1-sprint31
v1.0.0-sprint34
v1.0.1
v1.0.2
v1.0.3
v1.1.0
v1.1.0-RC1
v1.1.0-RC2
v1.1.0-RC3
v1.1.1
v1.1.2
v1.1.3
v1.2.0
v1.2.0-BETA1
v1.2.0-BETA2
v1.2.0-RC1
v1.2.0-RC2
v1.2.0-RC3
v1.2.0-RC4
v1.2.1
v1.2.10
v1.2.11
v1.2.12
v1.2.13
v1.2.14
v1.2.15
v1.2.16
v1.2.17
v1.2.18
v1.2.19
v1.2.2
v1.2.20
v1.2.21
v1.2.22
v1.2.23
v1.2.24
v1.2.25
v1.2.26
v1.2.27
v1.2.28
v1.2.29
v1.2.3
v1.2.30
v1.2.31
v1.2.32
v1.2.33
v1.2.34
v1.2.35
v1.2.36
v1.2.37
v1.2.4
v1.2.5
v1.2.6
v1.2.7
v1.2.8
v1.2.9
v1.3.0
v1.3.0-BETA1
v1.3.0-RC1
v1.3.0-RC2
v1.3.0-RC3
v1.3.1
v1.3.10
v1.3.11
v1.3.12
v1.3.13
v1.3.14
v1.3.15
v1.3.16
v1.3.17
v1.3.18
v1.3.19
v1.3.2
v1.3.20
v1.3.21
v1.3.22
v1.3.23
v1.3.24
v1.3.25
v1.3.26
v1.3.27
v1.3.28
v1.3.29
v1.3.3
v1.3.31
v1.3.32
v1.3.33
v1.3.34
v1.3.35
v1.3.36
v1.3.37
v1.3.38
v1.3.39
v1.3.4
v1.3.40
v1.3.41
v1.3.5
v1.3.6
v1.3.7
v1.3.8
v1.3.9
v1.4.0
v1.4.0-ALPHA1
v1.4.0-BETA1
v1.4.0-BETA2
v1.4.0-BETA3
v1.4.0-RC1
v1.4.1
v1.4.10
v1.4.11
v1.4.12
v1.4.13
v1.4.14
v1.4.15
v1.4.16
v1.4.17
v1.4.18
v1.4.19
v1.4.2
v1.4.20
v1.4.21
v1.4.22
v1.4.23
v1.4.24
v1.4.25
v1.4.26
v1.4.27
v1.4.28
v1.4.3
v1.4.4
v1.4.5
v1.4.6
v1.4.7
v1.4.8
v1.4.9
v1.5.0
v1.5.0-ALPHA1
v1.5.0-BETA1
v1.5.0-RC1
v1.5.1
v1.5.10
v1.5.11
v1.5.12
v1.5.13
v1.5.14
v1.5.15
v1.5.16
v1.5.17
v1.5.18
v1.5.19
v1.5.2
v1.5.20
v1.5.21
v1.5.22
v1.5.23
v1.5.24
v1.5.25
v1.5.26
v1.5.27
v1.5.3
v1.5.4
v1.5.5
v1.5.6
v1.5.7
v1.5.8
v1.5.9
v1.6.0
v1.6.0-ALPHA1
v1.6.0-ALPHA2
v1.6.0-RC1
v1.6.1
v1.6.10
v1.6.11
v1.6.12
v1.6.13
v1.6.14
v1.6.15
v1.6.16
v1.6.17
v1.6.18
v1.6.19
v1.6.2
v1.6.20
v1.6.21
v1.6.22
v1.6.23
v1.6.3
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v1.6.8
v1.6.9
v1.7.0
v1.7.0-ALPHA1
v1.7.0-BETA1
v1.7.0-BETA2
v1.7.1
v1.7.10
v1.7.11
v1.7.12
v1.7.13
v1.7.14
v1.7.15
v1.7.16
v1.7.17
v1.7.18
v1.7.19
v1.7.2
v1.7.20
v1.7.21
v1.7.22
v1.7.23
v1.7.24
v1.7.25
v1.7.26
v1.7.27
v1.7.28
v1.7.29
v1.7.3
v1.7.30
v1.7.31
v1.7.32
v1.7.33
v1.7.34
v1.7.35
v1.7.36
v1.7.37
v1.7.38
v1.7.39
v1.7.4
v1.7.40
v1.7.41
v1.7.5
v1.7.6
v1.7.7
v1.7.8
v1.7.9
v2.*
v2.0.0
v2.0.0-ALPHA1
v2.0.0-BETA1
v2.0.1
v2.0.10
v2.0.11
v2.0.12
v2.0.13
v2.0.14
v2.0.15
v2.0.16
v2.0.17
v2.0.18
v2.0.19
v2.0.2
v2.0.20
v2.0.21
v2.0.22
v2.0.23
v2.0.24
v2.0.25
v2.0.26
v2.0.27
v2.0.28
v2.0.29
v2.0.3
v2.0.30
v2.0.31
v2.0.32
v2.0.33
v2.0.34
v2.0.35
v2.0.36
v2.0.37
v2.0.38
v2.0.39
v2.0.4
v2.0.40
v2.0.41
v2.0.42
v2.0.43
v2.0.44
v2.0.45
v2.0.46
v2.0.47
v2.0.48
v2.0.49
v2.0.5
v2.0.50
v2.0.51
v2.0.52
v2.0.6
v2.0.7
v2.0.8
v2.0.9
v2.1.0
v2.1.0-ALPHA1
v2.1.0-ALPHA2
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.1.8
v2.1.9
v2.2.0
v2.2.0-ALPHA0
v2.2.0-ALPHA1
v2.2.0-ALPHA2
v2.2.0-BETA1
v2.2.1
v2.2.10
v2.2.11
v2.2.12
v2.2.2
v2.2.3
v2.2.4
v2.2.5
v2.2.6
v2.2.7
v2.2.8
v2.2.9
v2.3.0
v2.3.0-ALPHA1
v2.3.0-ALPHA2
v2.3.0-BETA1
v2.3.1
v2.3.10
v2.3.11
v2.3.12
v2.3.13
v2.3.14
v2.3.15
v2.3.16
v2.3.17
v2.3.18
v2.3.19
v2.3.2
v2.3.20
v2.3.21
v2.3.22
v2.3.23
v2.3.24
v2.3.25
v2.3.26
v2.3.27
v2.3.28
v2.3.29
v2.3.3
v2.3.30
v2.3.31
v2.3.32
v2.3.33
v2.3.34
v2.3.35
v2.3.36
v2.3.37
v2.3.38
v2.3.39
v2.3.4
v2.3.40
v2.3.41
v2.3.42
v2.3.43
v2.3.44
v2.3.45
v2.3.46
v2.3.47
v2.3.48
v2.3.49
v2.3.5
v2.3.50
v2.3.51
v2.3.52
v2.3.53
v2.3.54
v2.3.55
v2.3.56
v2.3.57
v2.3.58
v2.3.59
v2.3.6
v2.3.60
v2.3.61
v2.3.62
v2.3.63
v2.3.64
v2.3.65
v2.3.66
v2.3.67
v2.3.68
v2.3.69
v2.3.7
v2.3.70
v2.3.71
v2.3.72
v2.3.73
v2.3.74
v2.3.75
v2.3.76
v2.3.77
v2.3.78
v2.3.8
v2.3.9
v2026.*
v2026.3
v3.*
v3.0.0
v3.0.1
v3.0.10
v3.0.11
v3.0.12
v3.0.13
v3.0.14
v3.0.15
v3.0.16
v3.0.17
v3.0.18
v3.0.19
v3.0.2
v3.0.20
v3.0.21
v3.0.22
v3.0.23
v3.0.24
v3.0.25
v3.0.26
v3.0.27
v3.0.28
v3.0.29
v3.0.3
v3.0.30
v3.0.31
v3.0.32
v3.0.33
v3.0.34
v3.0.35
v3.0.36
v3.0.37
v3.0.38
v3.0.39
v3.0.4
v3.0.40
v3.0.41
v3.0.42
v3.0.43
v3.0.44
v3.0.45
v3.0.46
v3.0.47
v3.0.48
v3.0.49
v3.0.5
v3.0.50
v3.0.51
v3.0.52
v3.0.53
v3.0.54
v3.0.55
v3.0.56
v3.0.57
v3.0.58
v3.0.59
v3.0.6
v3.0.60
v3.0.61
v3.0.62
v3.0.63
v3.0.64
v3.0.65
v3.0.66
v3.0.67
v3.0.68
v3.0.69
v3.0.7
v3.0.70
v3.0.71
v3.0.72
v3.0.73
v3.0.74
v3.0.75
v3.0.76
v3.0.77
v3.0.78
v3.0.79
v3.0.8
v3.0.80
v3.0.81
v3.0.82
v3.0.83
v3.0.84
v3.0.9
v3.1.0
v3.1.0-BETA1
v3.1.1
v3.1.10
v3.1.11
v3.1.12
v3.1.13
v3.1.14
v3.1.15
v3.1.16
v3.1.17
v3.1.18
v3.1.2
v3.1.3
v3.1.4
v3.1.5
v3.1.6
v3.1.7
v3.1.8
v3.1.9
v3.2.0
v3.2.0-BETA1
v3.2.0-BETA2
v3.2.0-BETA3
v3.2.1
v3.2.10
v3.2.11
v3.2.12
v3.2.13
v3.2.14
v3.2.15
v3.2.16
v3.2.17
v3.2.18
v3.2.19
v3.2.2
v3.2.20
v3.2.21
v3.2.22
v3.2.23
v3.2.24
v3.2.25
v3.2.26
v3.2.27
v3.2.28
v3.2.29
v3.2.3
v3.2.30
v3.2.31
v3.2.32
v3.2.33
v3.2.34
v3.2.35
v3.2.36
v3.2.37
v3.2.38
v3.2.39
v3.2.4
v3.2.40
v3.2.41
v3.2.42
v3.2.43
v3.2.44
v3.2.45
v3.2.46
v3.2.47
v3.2.48
v3.2.49
v3.2.5
v3.2.50
v3.2.51
v3.2.52
v3.2.53
v3.2.54
v3.2.55
v3.2.56
v3.2.57
v3.2.58
v3.2.59
v3.2.6
v3.2.60
v3.2.61
v3.2.62
v3.2.63
v3.2.64
v3.2.65
v3.2.66
v3.2.67
v3.2.68
v3.2.69
v3.2.7
v3.2.70
v3.2.71
v3.2.72
v3.2.73
v3.2.74
v3.2.75
v3.2.76
v3.2.77
v3.2.78
v3.2.79
v3.2.8
v3.2.80
v3.2.81
v3.2.82
v3.2.83
v3.2.84
v3.2.9
v4.*
v4.0.0
v4.0.1
v4.0.10
v4.0.100
v4.0.101
v4.0.102
v4.0.103
v4.0.104
v4.0.105
v4.0.106
v4.0.107
v4.0.108
v4.0.109
v4.0.11
v4.0.110
v4.0.111
v4.0.112
v4.0.113
v4.0.114
v4.0.115
v4.0.116
v4.0.117
v4.0.118
v4.0.119
v4.0.12
v4.0.120
v4.0.121
v4.0.122
v4.0.123
v4.0.124
v4.0.125
v4.0.126
v4.0.13
v4.0.14
v4.0.15
v4.0.16
v4.0.17
v4.0.18
v4.0.19
v4.0.2
v4.0.20
v4.0.21
v4.0.22
v4.0.23
v4.0.24
v4.0.25
v4.0.26
v4.0.27
v4.0.28
v4.0.29
v4.0.3
v4.0.30
v4.0.31
v4.0.32
v4.0.33
v4.0.34
v4.0.35
v4.0.36
v4.0.37
v4.0.38
v4.0.39
v4.0.4
v4.0.40
v4.0.41
v4.0.42
v4.0.43
v4.0.44
v4.0.45
v4.0.46
v4.0.47
v4.0.48
v4.0.49
v4.0.5
v4.0.50
v4.0.51
v4.0.52
v4.0.53
v4.0.54
v4.0.55
v4.0.56
v4.0.57
v4.0.58
v4.0.59
v4.0.6
v4.0.60
v4.0.61
v4.0.62
v4.0.63
v4.0.64
v4.0.65
v4.0.66
v4.0.67
v4.0.68
v4.0.69
v4.0.7
v4.0.70
v4.0.71
v4.0.72
v4.0.73
v4.0.74
v4.0.75
v4.0.76
v4.0.77
v4.0.78
v4.0.79
v4.0.8
v4.0.80
v4.0.81
v4.0.82
v4.0.83
v4.0.84
v4.0.85
v4.0.86
v4.0.87
v4.0.88
v4.0.89
v4.0.9
v4.0.90
v4.0.91
v4.0.92
v4.0.93
v4.0.94
v4.0.95
v4.0.96
v4.0.97
v4.0.98
v4.0.99
v5.*
v5.0.0
v5.0.1
v5.0.10
v5.0.100
v5.0.101
v5.0.102
v5.0.103
v5.0.104
v5.0.105
v5.0.106
v5.0.107
v5.0.108
v5.0.109
v5.0.11
v5.0.110
v5.0.111
v5.0.112
v5.0.113
v5.0.114
v5.0.115
v5.0.116
v5.0.117
v5.0.118
v5.0.12
v5.0.13
v5.0.14
v5.0.15
v5.0.16
v5.0.17
v5.0.18
v5.0.19
v5.0.2
v5.0.20
v5.0.21
v5.0.22
v5.0.23
v5.0.24
v5.0.25
v5.0.26
v5.0.27
v5.0.28
v5.0.29
v5.0.3
v5.0.30
v5.0.31
v5.0.32
v5.0.33
v5.0.34
v5.0.35
v5.0.36
v5.0.37
v5.0.38
v5.0.39
v5.0.4
v5.0.40
v5.0.41
v5.0.42
v5.0.43
v5.0.44
v5.0.45
v5.0.46
v5.0.47
v5.0.48
v5.0.49
v5.0.5
v5.0.50
v5.0.51
v5.0.52
v5.0.53
v5.0.54
v5.0.55
v5.0.56
v5.0.57
v5.0.58
v5.0.59
v5.0.6
v5.0.60
v5.0.61
v5.0.62
v5.0.63
v5.0.64
v5.0.65
v5.0.66
v5.0.67
v5.0.68
v5.0.69
v5.0.7
v5.0.70
v5.0.71
v5.0.72
v5.0.73
v5.0.74
v5.0.75
v5.0.76
v5.0.77
v5.0.78
v5.0.79
v5.0.8
v5.0.80
v5.0.81
v5.0.82
v5.0.83
v5.0.84
v5.0.85
v5.0.86
v5.0.87
v5.0.88
v5.0.89
v5.0.9
v5.0.90
v5.0.91
v5.0.92
v5.0.93
v5.0.94
v5.0.95
v5.0.96
v5.0.97
v5.0.98
v5.0.99
v6.*
v6.0.0
v6.0.1
v6.0.10
v6.0.100
v6.0.101
v6.0.102
v6.0.103
v6.0.104
v6.0.105
v6.0.106
v6.0.107
v6.0.108
v6.0.109
v6.0.11
v6.0.110
v6.0.111
v6.0.112
v6.0.113
v6.0.12
v6.0.13
v6.0.14
v6.0.15
v6.0.16
v6.0.17
v6.0.18
v6.0.19
v6.0.2
v6.0.20
v6.0.21
v6.0.22
v6.0.23
v6.0.24
v6.0.25
v6.0.26
v6.0.27
v6.0.28
v6.0.29
v6.0.3
v6.0.30
v6.0.31
v6.0.32
v6.0.33
v6.0.34
v6.0.35
v6.0.36
v6.0.37
v6.0.38
v6.0.39
v6.0.4
v6.0.40
v6.0.41
v6.0.42
v6.0.43
v6.0.44
v6.0.45
v6.0.46
v6.0.47
v6.0.48
v6.0.49
v6.0.5
v6.0.50
v6.0.51
v6.0.52
v6.0.53
v6.0.54
v6.0.55
v6.0.56
v6.0.57
v6.0.58
v6.0.59
v6.0.6
v6.0.60
v6.0.61
v6.0.62
v6.0.63
v6.0.64
v6.0.65
v6.0.66
v6.0.67
v6.0.68
v6.0.69
v6.0.7
v6.0.70
v6.0.71
v6.0.72
v6.0.73
v6.0.74
v6.0.75
v6.0.76
v6.0.77
v6.0.78
v6.0.79
v6.0.8
v6.0.80
v6.0.81
v6.0.82
v6.0.83
v6.0.84
v6.0.85
v6.0.86
v6.0.87
v6.0.88
v6.0.89
v6.0.9
v6.0.90
v6.0.91
v6.0.92
v6.0.93
v6.0.94
v6.0.95
v6.0.96
v6.0.97
v6.0.98
v6.0.99
v7.*
v7.0.0
v7.0.1
v7.0.10
v7.0.11
v7.0.12
v7.0.13
v7.0.14
v7.0.15
v7.0.16
v7.0.17
v7.0.18
v7.0.19
v7.0.2
v7.0.20
v7.0.21
v7.0.22
v7.0.23
v7.0.24
v7.0.25
v7.0.26
v7.0.27
v7.0.28
v7.0.29
v7.0.3
v7.0.30
v7.0.31
v7.0.32
v7.0.33
v7.0.34
v7.0.35
v7.0.36
v7.0.37
v7.0.38
v7.0.39
v7.0.4
v7.0.40
v7.0.41
v7.0.42
v7.0.43
v7.0.44
v7.0.45
v7.0.46
v7.0.47
v7.0.48
v7.0.49
v7.0.5
v7.0.50
v7.0.51
v7.0.52
v7.0.53
v7.0.54
v7.0.55
v7.0.56
v7.0.57
v7.0.58
v7.0.59
v7.0.6
v7.0.60
v7.0.61
v7.0.62
v7.0.63
v7.0.64
v7.0.65
v7.0.66
v7.0.67
v7.0.68
v7.0.69
v7.0.7
v7.0.70
v7.0.71
v7.0.72
v7.0.73
v7.0.74
v7.0.75
v7.0.76
v7.0.77
v7.0.78
v7.0.79
v7.0.8
v7.0.80
v7.0.81
v7.0.82
v7.0.83
v7.0.84
v7.0.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-46157.json"