ГлавнаяУязвимости → CVE-2026-23498
7.2высокая

CVE-2026-23498

Описание

Shopware is an open commerce platform. From 6.7.0.0 to before 6.7.6.1, a regression of CVE-2023-2017 leads to an array and array crafted PHP Closure not checked being against allow list for the map(...) override. This vulnerability is fixed in 6.7.6.1.

Затрагиваемое ПО
Shopware Shopware
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/shopware/shopware/commit/3966b05590e29432b8485ba47b4fcd14dd0b8475https://github.com/shopware/shopware/security/advisories/GHSA-7cw6-7h3h-v8pf