Packagist/sylius/resource-bundle — 3 CVEs

CRITICAL9.6CVE-2020-15146Remote Code Execution in SyliusResourceBundle

>= 1.4.0, < 1.4.7

HIGH7.7CVE-2020-15143Remote Code Execution in SyliusResourceBundle

>= 1.4.0, < 1.4.7

MEDIUM4.4CVE-2020-5220Ability to expose data in Sylius by using an unintended serialisation group

>= 1.4.0, < 1.4.6

pkg:Packagist/sylius/resource-bundle