Pimcore Customer Data Framework
By the Year
In 2023 there have been 3 vulnerabilities in Pimcore Customer Data Framework with an average score of 6.0 out of ten. Customer Data Framework did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2023 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 3 | 6.03 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Customer Data Framework vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Pimcore Customer Data Framework Security Vulnerabilities
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2.
CVE-2023-4145
5.4 - Medium
- August 03, 2023
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2.
XSS
Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10.
CVE-2023-2881
4.9 - Medium
- May 25, 2023
Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10.
Insufficiently Protected Credentials
Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9.
CVE-2023-2629
7.8 - High
- May 10, 2023
Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9.
CSV Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Pimcore Customer Management Framework or by Pimcore? Click the Watch button to subscribe.
