pimcore/pimcore vulnerabilities

Content & Product Management Framework (CMS/PIM/E-Commerce)

Latest version: v6.3.2

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the pimcore/pimcore package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • M
SQL Injection
<6.3.0 Not available 17 Nov, 2019
  • H
Cross-site Scripting (XSS)
<6.3.0 Not available 15 Nov, 2019
  • M
Improper Authentication
<6.2.2 Not available 15 Nov, 2019
  • M
Information Exposure
<6.2.2 Not available 15 Nov, 2019
  • M
Improper Access Control
<6.2.2 Not available 15 Nov, 2019
  • M
Cross-site Scripting (XSS)
>=6.2.3 Not available 31 Oct, 2019
  • M
Deserialization of Untrusted Data
<5.7.1 Not available 15 Jul, 2019
  • H
Arbitrary File Upload
<5.7.1 Not available 15 Jul, 2019
  • M
Deserialization of Untrusted Data
<5.7.1 Not available 24 Mar, 2019
  • H
Cross-site Request Forgery (CSRF)
<5.3.0 Not available 19 Aug, 2018
  • M
Cross-site Scripting (XSS)
<5.3.0 Not available 19 Aug, 2018
  • M
SQL Injection
<5.3.0 Not available 19 Aug, 2018