In this Shopware security release, the team has blocked off the “medium” threat level. 

This security update has impacted various Shopware versions, including 6.4.15.1. 

Shopware security updates have fixed the below vulnerabilities:

NEXT-23464: Bump twig dependency to 3.4.3

Recommendation

The Shopware team advises updating to the latest version, 6.4.15.2. 

For Regular Updates

You can get updates to 6.4.15.2 directly through the Downloads overview or the Auto-Updater. 

Security Measures (for older versions)

You can get corresponding security measures for your past versions via a plugin. 

Upgrade Infos

In the twig file  `Storefront/Resources/views/storefront/utilities/icon.html.twig`, Extensions that have modified the block `utilities_icon`, should conduct modifications from the Upgrade.md.

Ganesh Tharol
Author

Ganesh Tharol's expertise in programming allowed him to streamline his workflow significantly. A hunt for new opportunities led him to cloud computing. When it comes to AWS, Ganesh Tharol is a full-stack DevOps with exceptional development skills, as seen by his many certifications and successful developments.