Packagist (Composer) package
aimeos/ai-client-html
pkg:composer/aimeos/ai-client-html
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-38516 | Hig | 8.8 | >= 2024.04.1, < 2024.04.7 | 2024.04.7 | Jun 25, 2024 | ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22. | |
| CVE-2024-37296 | Med | 5.3 | >= 2024.04.1, < 2024.04.5 | 2024.04.5 | Jun 11, 2024 | The Aimeos HTML client provides Aimeos HTML components for e-commerce projects. Starting in version 2020.04.1 and prior to versions 2020.10.27, 2021.10.21, 2022.10.12, 2023.10.14, and 2024.04.5, digital downloads sold in online shops can be downloaded without valid payment, e.g. |
- affected >= 2024.04.1, < 2024.04.7fixed 2024.04.7
ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22.
- affected >= 2024.04.1, < 2024.04.5fixed 2024.04.5
The Aimeos HTML client provides Aimeos HTML components for e-commerce projects. Starting in version 2020.04.1 and prior to versions 2020.10.27, 2021.10.21, 2022.10.12, 2023.10.14, and 2024.04.5, digital downloads sold in online shops can be downloaded without valid payment, e.g.