VulnerableCode Package Details - pkg:composer/shopware/platform@6.4.3%2B1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2e24-h4wg-6fgy	Cross-site Scripting Shopware is an open source eCommerce platform. contain a Cross-Site Scripting vulnerability via SVG media files.	CVE-2021-37710 GHSA-fc38-mxwr-pfhx
VCID-39y7-ay38-m7dz	Inclusion of Sensitive Information in Log Files Shopware is an open source eCommerce platform. contain a vulnerability involving an insecure direct object reference of log files of the Import/Export feature. contains a patch.	CVE-2021-37709 GHSA-54gp-qff8-946c
VCID-5393-j7pp-tqa2	Improper Input Validation Shopware is an open source eCommerce platform. contain a vulnerability that allows manipulation of product reviews via API. contains a patch.	CVE-2021-37707 GHSA-9f8f-574q-8jmf
VCID-s891-7fx6-k7e8	Server-Side Request Forgery (SSRF) Shopware contains an authenticated server-side request forgery vulnerability in file upload via URL.	CVE-2021-37711 GHSA-gcvv-gq92-x94r
VCID-wdc4-uy1a-ybec	Command Injection Shopware is an open source eCommerce platform. contain a command injection vulnerability in mail agent settings.	CVE-2021-37708 GHSA-xh55-2fqp-p775

Vulnerability

Summary

Aliases

VCID-2e24-h4wg-6fgy

Cross-site Scripting Shopware is an open source eCommerce platform. contain a Cross-Site Scripting vulnerability via SVG media files.

CVE-2021-37710
GHSA-fc38-mxwr-pfhx

VCID-39y7-ay38-m7dz

Inclusion of Sensitive Information in Log Files Shopware is an open source eCommerce platform. contain a vulnerability involving an insecure direct object reference of log files of the Import/Export feature. contains a patch.

CVE-2021-37709
GHSA-54gp-qff8-946c

VCID-5393-j7pp-tqa2

Improper Input Validation Shopware is an open source eCommerce platform. contain a vulnerability that allows manipulation of product reviews via API. contains a patch.

CVE-2021-37707
GHSA-9f8f-574q-8jmf

VCID-s891-7fx6-k7e8

Server-Side Request Forgery (SSRF) Shopware contains an authenticated server-side request forgery vulnerability in file upload via URL.

CVE-2021-37711
GHSA-gcvv-gq92-x94r

VCID-wdc4-uy1a-ybec

Command Injection Shopware is an open source eCommerce platform. contain a command injection vulnerability in mail agent settings.

CVE-2021-37708
GHSA-xh55-2fqp-p775

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-30T20:55:29.580345+00:00	GitLab Importer	Fixing	VCID-5393-j7pp-tqa2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/shopware/platform/CVE-2021-37707.yml	38.6.0
2026-05-30T20:55:29.527484+00:00	GitLab Importer	Fixing	VCID-39y7-ay38-m7dz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/shopware/platform/CVE-2021-37709.yml	38.6.0
2026-05-30T20:55:29.505187+00:00	GitLab Importer	Fixing	VCID-s891-7fx6-k7e8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/shopware/platform/CVE-2021-37711.yml	38.6.0
2026-05-30T20:55:29.451470+00:00	GitLab Importer	Fixing	VCID-2e24-h4wg-6fgy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/shopware/platform/CVE-2021-37710.yml	38.6.0
2026-05-30T20:55:29.426608+00:00	GitLab Importer	Fixing	VCID-wdc4-uy1a-ybec	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/shopware/platform/CVE-2021-37708.yml	38.6.0