Packagist (Composer) package
aimeos/ai-controller-frontend
pkg:composer/aimeos/ai-controller-frontend
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-39319 | — | >= 2024.04.1, < 2024.04.2 | 2024.04.2 | Sep 26, 2024 | aimeos/ai-controller-frontend is the Aimeos frontend controller package for e-commerce projects. Prior to versions 2024.4.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, an insecure direct object reference allows an attacker to disable subscriptions and reviews of another cus | ||
| CVE-2024-39325 | — | >= 2023.04.1, < 2023.10.9 | 2023.10.9 | Jul 2, 2024 | aimeos/ai-controller-frontend is the Aimeos frontend controller. Prior to versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, aimeos/ai-controller-frontend doesn't reset the payment status of a user's basket after the user completes a purchase. Versions 2024.04. |
- CVE-2024-39319Sep 26, 2024affected >= 2024.04.1, < 2024.04.2fixed 2024.04.2
aimeos/ai-controller-frontend is the Aimeos frontend controller package for e-commerce projects. Prior to versions 2024.4.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, an insecure direct object reference allows an attacker to disable subscriptions and reviews of another cus
- CVE-2024-39325Jul 2, 2024affected >= 2023.04.1, < 2023.10.9fixed 2023.10.9
aimeos/ai-controller-frontend is the Aimeos frontend controller. Prior to versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, aimeos/ai-controller-frontend doesn't reset the payment status of a user's basket after the user completes a purchase. Versions 2024.04.