GHSA-r2vq-p658-p274
Suggest an improvement- Source
- https://github.com/advisories/GHSA-r2vq-p658-p274
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/02/GHSA-r2vq-p658-p274/GHSA-r2vq-p658-p274.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-r2vq-p658-p274
- Aliases
- Published
- 2023-02-13T21:31:03Z
- Modified
- 2024-12-03T06:07:16.966665Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- SameSite Attribute vulnerability in pimCore
- Details
-
An improper SameSite Attribute vulnerability in pimCore v10.5.15 allows attackers to execute arbitrary code.
- Database specific
{ "nvd_published_at": "2023-02-13T21:15:00Z", "cwe_ids": [], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2023-02-14T00:29:53Z" }- References
Affected packages
Packagist / pimcore/pimcore
Package
- Name
- pimcore/pimcore
- Purl
- pkg:composer/pimcore/pimcore
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.5.16
Affected versions
2.*
2.2.0
2.2.1
2.2.2
2.3.0
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.1.0
3.1.1
4.*
4.0.0
4.0.1
4.1.0
4.1.1
4.1.2
4.1.3
4.2.0
4.3.0
4.3.1
4.4.0
4.4.1
4.4.2
4.4.3
4.5.0
4.6.0
4.6.1
4.6.2
4.6.3
4.6.4
4.6.5
v5.*
v5.0.0-RC
v5.0.0
v5.0.1
v5.0.2
v5.0.3
v5.0.4
v5.1.0-alpha
v5.1.0
v5.1.1
v5.1.2
v5.1.3
v5.2.0
v5.2.1
v5.2.2
v5.2.3
v5.3.0
v5.3.1
v5.4.0
v5.4.1
v5.4.2
v5.4.3
v5.4.4
v5.5.0
v5.5.1
v5.5.2
v5.5.3
v5.5.4
v5.6.0
v5.6.1
v5.6.2
v5.6.3
v5.6.4
v5.6.5
v5.6.6
v5.7.0
v5.7.1
v5.7.2
v5.7.3
v5.8.0
v5.8.1
v5.8.2
v5.8.3
v5.8.4
v5.8.5
v5.8.6
v5.8.7
v5.8.8
v5.8.9
v6.*
v6.0.0
v6.0.1
v6.0.2
v6.0.3
v6.0.4
v6.0.5
v6.1.0
v6.1.1
v6.1.2
v6.2.0
v6.2.1
v6.2.2
v6.2.3
v6.3.0
v6.3.1
v6.3.2
v6.3.3
v6.3.4
v6.3.5
v6.3.6
v6.4.0
v6.4.1
v6.4.2
v6.5.0
v6.5.1
v6.5.2
v6.5.3
v6.6.0
v6.6.1
v6.6.2
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.6.10
v6.6.11
v6.7.0
v6.7.1
v6.7.2
v6.7.3
v6.8.0
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.8.10
v6.8.11
v6.8.12
v6.9.0
v6.9.1
v6.9.2
v6.9.3
v6.9.4
v6.9.5
v6.9.6
v10.*
v10.0.0-BETA1
v10.0.0-BETA2
v10.0.0-BETA3
v10.0.0-BETA4
v10.0.0
v10.0.1
v10.0.2
v10.0.3
v10.0.4
v10.0.5
v10.0.6
v10.0.7
v10.0.9
v10.1.0
v10.1.1
v10.1.2
v10.1.3
v10.1.4
v10.1.5
v10.2.0
v10.2.1
v10.2.2
v10.2.3
v10.2.4
v10.2.5
v10.2.6
v10.2.7
v10.2.8
v10.2.9
v10.2.10
v10.3.0
v10.3.1
v10.3.2
v10.3.3
v10.3.4
v10.3.5
v10.3.6
v10.3.7
v10.4.0
v10.4.1
v10.4.2
v10.4.3
v10.4.4
v10.4.5
v10.4.6
v10.5.0
v10.5.1
v10.5.2
v10.5.3
v10.5.4
v10.5.5
v10.5.6
v10.5.7
v10.5.8
v10.5.9
v10.5.10
v10.5.11
v10.5.12
v10.5.13
v10.5.14
v10.5.15
10.*
10.0.8