In this Shopware security release, the team has blocked off the “medium” threat level.
This security update has impacted various Shopware versions, including 18.104.22.168.
Shopware security updates have fixed the below vulnerabilities:
NEXT-23464: Bump twig dependency to 3.4.3
The Shopware team advises updating to the latest version, 22.214.171.124.
For Regular Updates
You can get updates to 126.96.36.199 directly through the Downloads overview or the Auto-Updater.
Security Measures (for older versions)
You can get corresponding security measures for your past versions via a plugin.
In the twig file `Storefront/Resources/views/storefront/utilities/icon.html.twig`, Extensions that have modified the block `utilities_icon`, should conduct modifications from the Upgrade.md.