VulnerableCode Package Details - pkg:composer/oro/calendar-bundle@4.2.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/oro/calendar-bundle@4.2.0

Essentials
History (2)

purl	pkg:composer/oro/calendar-bundle@4.2.0

Next non-vulnerable version	4.2.7
Latest non-vulnerable version	5.1.1
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-mk5p-7x3m-v7hb Aliases: CVE-2023-32062 GHSA-x2xm-p6vq-482g	Improper Access Control OroPlatform is a package that assists system and user calendar management. Back-office users can access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks. This vulnerability has been patched in version 5.1.1.	4.2.7 Affected by 0 other vulnerabilities. 5.0.7 Affected by 0 other vulnerabilities. 5.1.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-mk5p-7x3m-v7hb
Aliases:
CVE-2023-32062
GHSA-x2xm-p6vq-482g

Improper Access Control OroPlatform is a package that assists system and user calendar management. Back-office users can access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks. This vulnerability has been patched in version 5.1.1.

4.2.7
Affected by 0 other vulnerabilities.

5.0.7
Affected by 0 other vulnerabilities.

5.1.1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-07T20:51:04.917809+00:00	GHSA Importer	Affected by	VCID-mk5p-7x3m-v7hb	https://github.com/advisories/GHSA-x2xm-p6vq-482g	38.6.0
2026-06-02T04:46:24.675467+00:00	GitLab Importer	Affected by	VCID-mk5p-7x3m-v7hb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/oro/calendar-bundle/CVE-2023-32062.yml	38.6.0