{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T08:51:30.195","vulnerabilities":[{"cve":{"id":"CVE-2025-30151","sourceIdentifier":"security-advisories@github.com","published":"2025-04-08T14:15:34.737","lastModified":"2025-09-10T15:26:36.313","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Shopware is an open commerce platform. It's possible to pass long passwords that leads to Denial Of Service via forms in Storefront forms or Store-API. This vulnerability is fixed in 6.6.10.3 or 6.5.8.17. For older versions of 6.4, corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version."},{"lang":"es","value":"Shopware es una plataforma de comercio abierta. Es posible pasar contraseñas largas que provoquen una denegación de servicio a través de formularios de Storefront o de la API de la tienda. Esta vulnerabilidad se corrigió en las versiones 6.6.10.3 o 6.5.8.17. Para versiones anteriores a la 6.4, las medidas de seguridad correspondientes también están disponibles mediante un complemento. Para disfrutar de todas las funciones, recomendamos actualizar a la última versión de Shopware."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.5.8.17","matchCriteriaId":"F0D12C54-6012-4FC8-9171-8B916D4D7EEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.0.0","versionEndExcluding":"6.6.10.3","matchCriteriaId":"A215DE35-2543-4191-B0C7-0DEFE195012F"},{"vulnerable":true,"criteria":"cpe:2.3:a:shopware:shopware:6.7.0.0:rc1:*:*:*:*:*:*","matchCriteriaId":"24764539-D914-4560-B02A-39B381DDB63A"}]}]}],"references":[{"url":"https://github.com/shopware/shopware/security/advisories/GHSA-cgfj-hj93-rmh2","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}