CVE-2021-32712: Infoleak
First published: Thu Jun 24 2021(Updated: )
Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Shopware Shopware | >=5.0.0<5.6.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-32712?
CVE-2021-32712 is a vulnerability in the Shopware eCommerce platform that allows system information leakage in error handling.
How severe is the CVE-2021-32712 vulnerability?
The severity of CVE-2021-32712 is medium, with a severity value of 5.3 out of 10.
How can I fix CVE-2021-32712?
To fix CVE-2021-32712, users are recommended to update to version 5.6.10 of Shopware.
Where can I get the update to version 5.6.10 of Shopware?
You can get the update to version 5.6.10 of Shopware regularly via the Auto-Updater or directly via the download overview.
Are there any references for CVE-2021-32712?
Yes, you can find references for CVE-2021-32712 at the following links: [Reference 1](https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-05-2021), [Reference 2](https://github.com/shopware/shopware/commit/dcb24eb5ec757c991b5a4e2ddced379e5820744d), [Reference 3](https://github.com/shopware/shopware/security/advisories/GHSA-9vxv-wpv4-f52p).
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- vendor/shopware
- canonical/shopware shopware
- version/shopware shopware/5.0.0