VulnerableCode Package Details - pkg:composer/oro/calendar-bundle@4.2.6

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/oro/calendar-bundle@4.2.6

Essentials
History (2)

purl	pkg:composer/oro/calendar-bundle@4.2.6

Next non-vulnerable version	5.0.7
Latest non-vulnerable version	5.1.1
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-z6mk-z5rj-b3g4 Aliases: CVE-2023-32062 GHSA-x2xm-p6vq-482g	Improper Access Control OroPlatform is a package that assists system and user calendar management. Back-office users can access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks. This vulnerability has been patched in version 5.1.1.	4.2.7 Affected by 0 other vulnerabilities. 5.0.7 Affected by 0 other vulnerabilities. 5.1.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-z6mk-z5rj-b3g4
Aliases:
CVE-2023-32062
GHSA-x2xm-p6vq-482g

Improper Access Control OroPlatform is a package that assists system and user calendar management. Back-office users can access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks. This vulnerability has been patched in version 5.1.1.

4.2.7
Affected by 0 other vulnerabilities.

5.0.7
Affected by 0 other vulnerabilities.

5.1.1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T21:37:29.087867+00:00	GHSA Importer	Affected by	VCID-z6mk-z5rj-b3g4	https://github.com/advisories/GHSA-x2xm-p6vq-482g	38.6.0
2026-05-30T21:02:36.892452+00:00	GitLab Importer	Affected by	VCID-z6mk-z5rj-b3g4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/oro/calendar-bundle/CVE-2023-32062.yml	38.6.0