GHSA-9vxv-wpv4-f52p

Source

https://github.com/advisories/GHSA-9vxv-wpv4-f52p

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/05/GHSA-9vxv-wpv4-f52p/GHSA-9vxv-wpv4-f52p.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-9vxv-wpv4-f52p

Published

2021-05-21T14:29:33Z

Modified

2024-12-02T05:42:00.687381Z

Summary

Information leakage in Error Handler

Details

Impact

Information leakage in Error Handler

Patches

We recommend updating to the current version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview.

For older versions you can use the Security Plugin: https://store.shopware.com/en/swag575294366635f/shopware-security-plugin.html

References

https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-05-2021

Database specific

{
    "nvd_published_at": null,
    "cwe_ids": [
        "CWE-209"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-18T16:06:57Z"
}

References

https://github.com/shopware/shopware/security/advisories/GHSA-9vxv-wpv4-f52p

Affected packages

Packagist / shopware/shopware

Package

Name: shopware/shopware
Purl: pkg:composer/shopware/shopware

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.6.10

Affected versions

1.*

1.0.2

1.0.8

4.*

4.2.0-rc.1

4.2.0

4.2.1

4.2.1.1

4.2.2

4.2.3

4.3.0

4.3.1

4.3.2

4.3.3

4.3.4

4.3.5

4.3.6

4.3.7

v5.*

v5.0.0-BETA1

v5.0.0-BETA2

v5.0.0-RC1

v5.0.0-RC2

v5.0.0-RC3

v5.0.0

v5.0.1

v5.0.2-RC1

v5.0.2

v5.0.3-RC1

v5.0.3

v5.0.4-RC1

v5.0.4

v5.1.0-RC2

v5.1.0-RC3

v5.1.0

v5.1.1

v5.1.2-RC1

v5.1.2-RC2

v5.1.2

v5.1.3-RC1

v5.1.3

v5.1.4

v5.1.5

v5.1.6

v5.2.0-BETA1

v5.2.0-RC1

v5.2.0-RC2

v5.2.0-RC3

v5.2.0

v5.2.1

v5.2.2

v5.2.3

v5.2.4

v5.2.5

v5.2.6

v5.2.7

v5.2.8

v5.2.9

v5.2.10

v5.2.11

v5.2.12

v5.2.13

v5.2.14

v5.2.15

v5.2.16

v5.2.17

v5.2.18

v5.2.19

v5.2.20

v5.2.21

v5.2.22

v5.2.23

v5.2.24

v5.2.25

v5.2.26

v5.2.27

v5.3.4

v5.3.5

v5.3.6

v5.3.7

v5.4.0-RC1

v5.4.0

v5.4.1

v5.4.2

v5.4.3

v5.4.4

v5.4.5

v5.4.6

v5.5.0-BETA1

v5.5.0-RC1

v5.5.0

v5.5.1

v5.5.2

v5.5.3

v5.5.4

v5.5.5

v5.5.6

v5.5.7

v5.5.8

v5.5.9

v5.5.10

v5.6.0-RC1

v5.6.0

v5.6.1

v5.6.2

v5.6.3

v5.6.4

v5.6.5

v5.6.6

v5.6.7

v5.6.8

v5.6.9

5.*

5.3.0

Database specific

{
    "last_known_affected_version_range": "<= 5.6.9"
}