CVE-2023-22731

Description

### Impact In Twig environment **without the Sandbox extension**, it is possible to refer to PHP functions in twig filters like `map`, `filter`, `sort`. This allows in the template to call any global PHP function. ### Patches The problem has been fixed with 6.4.18.1 with an override of the specified filters until the integration of the Sandbox extension has been finished. ### Workarounds For older versions of 6.1, 6.2, and 6.3, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version. ### References https://docs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates

How to fix CVE-2023-22731

To remediate CVE-2023-22731, upgrade the affected package to a fixed version below.

• —upgrade to 6.4.18.1 or later
• —upgrade to 6.4.18.1 or later

Is CVE-2023-22731 being exploited?

Low — EPSS is 2.4%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

• from 0, < 6.4.18.1
• from 0, < 6.4.18.1

CVSS scores

References (5)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2023-22731
• PATCHgithub.com/shopware/platform
• WEBdocs.shopware.com/en/shopware-6-en/security-updates/security-update-01-2023?category=security-updates
• WEBgithub.com/shopware/platform/commit/89d1ea154689cb6202e0d3a0ceeae0febb0c09e1