Security patches | April 8, 2024 #15751

zedzior · 2024-04-04T11:51:26Z

zedzior
Apr 4, 2024
Maintainer

Hi Community!

We will be releasing patch versions to Saleor fixing a security defect rated as "moderate" for the following versions: 3.14, 3.15, 3.16, 3.17, 3.18, 3.19.

📅 When? At 12:00 UTC Monday, April 8, 2024.

We will provide more details in this thread once the fix is published, including the patched versions list.

zedzior · 2024-04-08T13:21:38Z

zedzior
Apr 8, 2024
Maintainer Author

Hey Community!

We've just released security fixes for Saleor 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31 and 3.19.19.

A CSRF bypass vulnerability was present in the refresh token mutation.

CVE-2024-31205: Cross-Site Request Forgery (CSRF)

Severity: moderate.

Details: GHSA-ff69-fwjf-3c9w

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security patches | April 8, 2024 #15751

{{title}}

Replies: 1 comment

{{title}}

Select a reply

Security patches | April 8, 2024 #15751

zedzior Apr 4, 2024 Maintainer

Replies: 1 comment

zedzior Apr 8, 2024 Maintainer Author

zedzior
Apr 4, 2024
Maintainer

zedzior
Apr 8, 2024
Maintainer Author