CVE-2023-32075: Release 3.3.9 · pimcore/customer-data-framework

Skip to content

Sign up

• • Actions

    Automate any workflow

  • Packages

    Host and manage packages

  • Security

    Find and fix vulnerabilities

  • Codespaces

    Instant dev environments

  • Copilot

    Write better code with AI

  • Code review

    Manage code changes

  • Issues

    Plan and track work

  • Discussions

    Collaborate outside of code

Explore

*   All features
*   Documentation
*   GitHub Skills
*   Blog

• For

  • Enterprise
  • Teams
  • Startups
  • Education

  By Solution

  • CI/CD & Automation
  • DevOps
  • DevSecOps

  Case Studies

  • Customer Stories
  • Resources

• • GitHub Sponsors

    Fund open source developers

*   The ReadME Project
    
    GitHub community articles
    

Repositories

*   Topics
*   Trending
*   Collections

• Pricing

• In this repository All GitHub

• No suggested jump to results

• In this repository All GitHub

• In this organization All GitHub

• In this repository All GitHub

Sign in

Sign up

pimcore / customer-data-framework Public

• Notifications
• Fork 81
• Star 76

• Code
• Issues 16
• Pull requests 3
• Actions
• Security
• Insights

More

1. Releases
2. v3.3.9

Latest

Latest

Compare

Choose a tag to compare

dvesh3 released this

10 May 13:55

v3.3.9

e8424fd

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: 4AEE18F83AFDEB23

Learn about vigilant mode.

What’s Changed

• [Security] Embeding untrusted input inside CSV files leads to Formula Injection/CSV Injection by @mcop1 in #453
• [Security] Restrict negative value by @aryaantony92 in #466
• Fix phpdocs for DefaultMariaDbActivityList $activities property by @dvesh3 in #468

Full Changelog: v3.3.8…v3.3.9

Contributors

dvesh3, mcop1, and aryaantony92

Assets 2