GHSA-q3g4-2vw9-xv27: Shopware Remote Code Execution Vulnerability
Under certain circumstances, it’s possible to execute an unauthorized foreign code in Shopware. This is a critical security vulnerability that could affect the entire system. All Shopware versions including Shopware 5.2.14 are affected.
References
- community.shopware.com/_detail_1989.html
- docs.shopware.com/en/shopware-5-en/security-updates/security-update-01-2017?category=shopware-5-en/security-updates
- github.com/FriendsOfPHP/security-advisories/blob/master/shopware/shopware/2017-01-24.yaml
- github.com/advisories/GHSA-q3g4-2vw9-xv27
- github.com/shopware5/shopware
- github.com/shopware5/shopware/commit/14299e9ee9f7d93f687b4ec838e0873afbc84fec
Code Behaviors & Features
Detect and mitigate GHSA-q3g4-2vw9-xv27 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →