10 matches found
CVE-2026-31824
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
EUVD-2026-10921
Sylius has a Promotion Usage Limit Bypass via Race Condition...
EUVD-2026-10920
Sylius has a Promotion Usage Limit Bypass via Race Condition...
Sylius has a Promotion Usage Limit Bypass via Race Condition
Impact A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects three independent limits: 1. Promotion usage limit - the global used counter on Promotion entities 2. Coupon usage limit - the global used...
GHSA-7MP4-25J8-HP5Q Sylius has a Promotion Usage Limit Bypass via Race Condition
Impact A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects three independent limits: 1. Promotion usage limit - the global used counter on Promotion entities 2. Coupon usage limit - the global used...
CVE-2026-31824
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
CVE-2026-31824 Sylius has a Promotion Usage Limit Bypass via Race Condition
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
CVE-2026-31824
Sylius (Open Source eCommerce Framework on Symfony) disclosure describes a TOCTOU race in promotion usage limits. The vulnerability affects the global used counters on Promotion entities, PromotionCoupon entities, and per-customer coupon redemption counts. The root cause is reading in-memory coun...
CVE-2026-31824
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
Exploit for CVE-2025-69871
Ethan Public Disclosures Security vulnerability disclosures a...