GHSA-vj9x-w7ch-f46p

Source

https://github.com/advisories/GHSA-vj9x-w7ch-f46p

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/01/GHSA-vj9x-w7ch-f46p/GHSA-vj9x-w7ch-f46p.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-vj9x-w7ch-f46p

Aliases

CVE-2022-0258

Published

2022-01-21T23:50:08Z

Modified

2023-11-08T04:07:30.883456Z

Severity

8.3 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L CVSS Calculator

Summary

pimcore is vulnerable to SQL Injection

Details

pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command

Database specific

{
    "severity": "HIGH",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-89"
    ],
    "github_reviewed_at": "2022-01-19T14:22:43Z",
    "nvd_published_at": "2022-01-17T16:15:00Z"
}

References

Affected packages

Packagist / pimcore/pimcore

Package

Name: pimcore/pimcore
Purl: pkg:composer/pimcore/pimcore

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.2.9

Affected versions

2.*

2.2.0

2.2.1

2.2.2

2.3.0

3.*

3.0.0

3.0.1

3.0.2

3.0.3

3.0.4

3.0.5

3.0.6

3.1.0

3.1.1

4.*

4.0.0

4.0.1

4.1.0

4.1.1

4.1.2

4.1.3

4.2.0

4.3.0

4.3.1

4.4.0

4.4.1

4.4.2

4.4.3

4.5.0

4.6.0

4.6.1

4.6.2

4.6.3

4.6.4

4.6.5

v5.*

v5.0.0-RC

v5.0.0

v5.0.1

v5.0.2

v5.0.3

v5.0.4

v5.1.0-alpha

v5.1.0

v5.1.1

v5.1.2

v5.1.3

v5.2.0

v5.2.1

v5.2.2

v5.2.3

v5.3.0

v5.3.1

v5.4.0

v5.4.1

v5.4.2

v5.4.3

v5.4.4

v5.5.0

v5.5.1

v5.5.2

v5.5.3

v5.5.4

v5.6.0

v5.6.1

v5.6.2

v5.6.3

v5.6.4

v5.6.5

v5.6.6

v5.7.0

v5.7.1

v5.7.2

v5.7.3

v5.8.0

v5.8.1

v5.8.2

v5.8.3

v5.8.4

v5.8.5

v5.8.6

v5.8.7

v5.8.8

v5.8.9

v6.*

v6.0.0

v6.0.1

v6.0.2

v6.0.3

v6.0.4

v6.0.5

v6.1.0

v6.1.1

v6.1.2

v6.2.0

v6.2.1

v6.2.2

v6.2.3

v6.3.0

v6.3.1

v6.3.2

v6.3.3

v6.3.4

v6.3.5

v6.3.6

v6.4.0

v6.4.1

v6.4.2

v6.5.0

v6.5.1

v6.5.2

v6.5.3

v6.6.0

v6.6.1

v6.6.2

v6.6.3

v6.6.4

v6.6.5

v6.6.6

v6.6.7

v6.6.8

v6.6.9

v6.6.10

v6.6.11

v6.7.0

v6.7.1

v6.7.2

v6.7.3

v6.8.0

v6.8.1

v6.8.2

v6.8.3

v6.8.4

v6.8.5

v6.8.6

v6.8.7

v6.8.8

v6.8.9

v6.8.10

v6.8.11

v6.8.12

v6.9.0

v6.9.1

v6.9.2

v6.9.3

v6.9.4

v6.9.5

v6.9.6

v10.*

v10.0.0-BETA1

v10.0.0-BETA2

v10.0.0-BETA3

v10.0.0-BETA4

v10.0.0

v10.0.1

v10.0.2

v10.0.3

v10.0.4

v10.0.5

v10.0.6

v10.0.7

v10.0.9

v10.1.0

v10.1.1

v10.1.2

v10.1.3

v10.1.4

v10.1.5

v10.2.0

v10.2.1

v10.2.2

v10.2.3

v10.2.4

v10.2.5

v10.2.6

v10.2.7

v10.2.8

10.*

10.0.8