[GHSA-r2f4-ff2p-xc64] Pimcore Platform - SQL Injection in DataObject composite index handling during class definition import/save#7903
Conversation
|
Hi there @kingjia90! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository. This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory |
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Updates the affected/fixed version information for GHSA-r2f4-ff2p-xc64 to reflect the correct patch release and last known affected version range.
Changes:
- Adjusted the
fixedversion in the affected range from12.3.7to11.5.17. - Updated
last_known_affected_version_rangefrom<= 12.3.6to<= 11.5.16.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
github-actions
Bot
changed the base branch from
main
to
kingjia90/advisory-improvement-7903
|
Hi there @kingjia90! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository. This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory |
Updates
Comments
a lower version with the security fix for LTS purposes got released after first publish