VulnerableCode Package Details - pkg:composer/ec-cube/ec-cube@3.0.18-p3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/ec-cube/ec-cube@3.0.18-p3

purl	pkg:composer/ec-cube/ec-cube@3.0.18-p3
Tags	Ghost

Next non-vulnerable version	3.1.0-alpha
Latest non-vulnerable version	3.1.0-alpha
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-h22q-5adj-9bhu Aliases: CVE-2022-25355 GHSA-pw97-6v74-9w3p	EC-CUBE improperly handles HTTP Host header values	3.0.18 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 4.1.2 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-h22q-5adj-9bhu
Aliases:
CVE-2022-25355
GHSA-pw97-6v74-9w3p

EC-CUBE improperly handles HTTP Host header values

3.0.18
Affected by 5 other vulnerabilities.

4.1.2
Affected by 7 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-11T20:28:20.785613+00:00	GHSA Importer	Affected by	VCID-h22q-5adj-9bhu	https://github.com/advisories/GHSA-pw97-6v74-9w3p	38.6.0