CVE-2025-30151: Shopware allows Denial Of Service via password length
It is possible to pass long passwords that lead to denial of service via Storefront forms or the Store-API.
References
- github.com/advisories/GHSA-cgfj-hj93-rmh2
- github.com/shopware/shopware
- github.com/shopware/shopware/releases/tag/v6.5.8.17
- github.com/shopware/shopware/releases/tag/v6.6.10.3
- github.com/shopware/shopware/releases/tag/v6.7.0.0-rc2
- github.com/shopware/shopware/security/advisories/GHSA-cgfj-hj93-rmh2
- nvd.nist.gov/vuln/detail/CVE-2025-30151