CVE - CVE-2021-32716

CVE-ID
CVE-2021-32716	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Shopware is an open source eCommerce platform. In versions prior to 6.4.1.1 the admin api has exposed some internal hidden fields when an association has been loaded with a to many reference. Users are recommend to update to version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview. For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://github.com/shopware/platform/security/advisories/GHSA-gpmh-g94g-qrhr URL:https://github.com/shopware/platform/security/advisories/GHSA-gpmh-g94g-qrhr MISC:https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-06-2021 URL:https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-06-2021 MISC:https://github.com/shopware/platform/commit/b5c3ce3e93bd121324d72aa9d367cb636ff1c0eb URL:https://github.com/shopware/platform/commit/b5c3ce3e93bd121324d72aa9d367cb636ff1c0eb
Assigning CNA
GitHub (maintainer security advisories)
Date Record Created
20210512	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20210512)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)