pimcore/pimcore Security Advisories for v11.1.5 (4)
-
[HIGH] Pimcore includes vulnerable PHPOffice/PhpSpreadsheet
PKSA-kcqp-44r9-qh72 GHSA-hq76-662x-7mw4
Affected version: >=11.1.0.0,<11.1.6.11|>=10.6.9.0,<10.6.9.12
Reported by:
GitHub -
[HIGH] Flooding Server with Thumbnail files
PKSA-2ws5-72xf-nzn8 CVE-2024-32871 GHSA-277c-5vvj-9pwx
Affected version: >=11.0.0,<11.2.4
Reported by:
GitHub -
[MEDIUM] Pimcore TinyMCE Bundle - tinymce CVE-2024-29203, CVE-2024-29881
PKSA-8cp9-pysj-5xkk GHSA-vjwg-28gv-pm8h
Affected version: >=11.0.0-ALPHA1,<11.1.6.5|>=11.2.0,<11.2.3
Reported by:
GitHub -
[MEDIUM] Pimcore Preview Documents are not restricted to logged in users anymore
PKSA-jxkv-3v6v-4yn3 CVE-2024-29197 GHSA-5737-rqv4-v445
Affected version: >=11.2.0,<11.2.2|>11.0.0,<11.1.6.1
Reported by:
GitHub