Security Advisories - PKSA-bpp9-7wqw-wr8k - Packagist

PKSA-bpp9-7wqw-wr8k Security Advisory

[MEDIUM] CVE-2020-5220: Ability to define unintended serialisation groups via HTTP header which might lead to data exposure

PKSA-bpp9-7wqw-wr8k CVE-2020-5220 GHSA-8vp7-j5cj-vvm2

Affected package: sylius/sylius

Affected version: >=1.0.0,<1.1.0|>=1.1.0,<1.2.0|>=1.2.0,<1.3.0|>=1.3.0,<1.3.12|>=1.4.0,<1.4.4

Reported by:
GitHub, FriendsOfPHP/security-advisories