aimeos/aimeos-core

Packagist2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting aimeos/aimeos-corepage 1 of 1

CVE-2024-37294MEDIUMCVSS 5.5EG 5.5✓ Fixed in 2022.10.17
2024-06-11
vulnerable: 2022.04.1 ... 2022.10.9 (34 versions)
Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 202…
CVE-2024-37295HIGHCVSS 7.2EG 7.2✓ Fixed in 2024.04.5
2024-06-11
vulnerable: 2024.04.1, 2024.04.2, 2024.04.3, 2024.04.4
Aimeos is an Open Source e-commerce framework for online shops. Starting in version 2024.01.1 and prior to version 2024.04.5, a user with administrative privileges can upload files that look like images but contain PHP code which can then …

Check whether aimeos/aimeos-core is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for aimeos/aimeos-core CVEs against the assets you own.

Start Free Scan →