akeneo/pim-community-dev

Packagist2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting akeneo/pim-community-devpage 1 of 1

CVE-2017-1000009CRITICALCVSS 9.8EG 9.8✓ Fixed in 1.6.6
2017-07-17
vulnerable: v1.6.0 ... v1.6.5 (9 versions)
Akeneo PIM CE and EE <1.6.6, <1.5.15, <1.4.28 are vulnerable to shell injection in the mass edition, resulting in remote execution.
CVE-2022-46157HIGHCVSS 8.8EG 8.8✓ Fixed in 5.0.119
2022-12-09
vulnerable: 1.3.30 ... v5.0.99 (852 versions)
Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image…

Check whether akeneo/pim-community-dev is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for akeneo/pim-community-dev CVEs against the assets you own.

Start Free Scan →