CVE-2021-32716: Information Exposure

June 24, 2021 (updated October 25, 2022)

Shopware is an open source eCommerce platform. the admin api has exposed some internal hidden fields when an association has been loaded with a to many reference.

References

docs.shopware.com/en/shopware-6-en/security-updates/security-update-06-2021
nvd.nist.gov/vuln/detail/CVE-2021-32716

Detect and mitigate CVE-2021-32716 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →