Lucene search
CVE-2024-42354
ShopWare store-API does not properly process ManyToMany associations exposing a vulnerability in versions prior to 6.6.5.1 and 6.5.8.13
Show more
| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
 | CVE-2024-42354 | 23 May 202507:54 | – | redhatcve |
 | CVE-2024-42354 | 8 Aug 202415:15 | – | osv |
| GHSA-HHCQ-PH6W-494G Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api | 8 Aug 202414:42 | – | osv |
 | CVE-2024-42354 Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api | 8 Aug 202414:44 | – | cvelist |
 | Access Control Bypass | 9 Aug 202407:54 | – | veracode |
 | CVE-2024-42354 | 8 Aug 202415:15 | – | nvd |
 | CVE-2024-42354 Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api | 8 Aug 202414:44 | – | vulnrichment |
 | Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api | 8 Aug 202414:42 | – | github |
[
{
"vendor": "shopware",
"product": "shopware",
"versions": [
{
"version": "<= 6.5.8.12",
"status": "affected"
},
{
"version": ">= 6.6.0.0, <= 6.6.5.0",
"status": "affected"
}
]
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo08 Aug 2024 15:15Current
5.3Medium risk
Vulners AI Score5.3
CVSS35.3 - 5.9
EPSS0.00203
SSVC