VulnerableCode Package Details - pkg:composer/oro/calendar-bundle@4.2.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/oro/calendar-bundle@4.2.2

Essentials
History (1)

purl	pkg:composer/oro/calendar-bundle@4.2.2

Next non-vulnerable version	4.2.7
Latest non-vulnerable version	5.1.1
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-mk5p-7x3m-v7hb Aliases: CVE-2023-32062 GHSA-x2xm-p6vq-482g	Improper Access Control OroPlatform is a package that assists system and user calendar management. Back-office users can access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks. This vulnerability has been patched in version 5.1.1.	4.2.7 Affected by 0 other vulnerabilities. 5.0.7 Affected by 0 other vulnerabilities. 5.1.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-mk5p-7x3m-v7hb
Aliases:
CVE-2023-32062
GHSA-x2xm-p6vq-482g

Improper Access Control OroPlatform is a package that assists system and user calendar management. Back-office users can access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks. This vulnerability has been patched in version 5.1.1.

4.2.7
Affected by 0 other vulnerabilities.

5.0.7
Affected by 0 other vulnerabilities.

5.1.1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T04:21:05.422407+00:00	GitLab Importer	Affected by	VCID-mk5p-7x3m-v7hb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/oro/calendar-bundle/CVE-2023-32062.yml	38.6.0