This release includes 1 security fix for security teams reviewing exposed deployments.
Topics
+13 more
ReleasePort's take
Moderate signalReleasePort v12.3.8 enhances security for Class Definition components.
Why it matters: Security severity rated 90; operators of Pimcore should review class definitions to mitigate risks.
Summary
AI summaryEnhance Class Definition security.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | Critical |
Enhance Class Definition security. Enhance Class Definition security. Source: llm_adapter@2026-05-27 Confidence: high |
— |
| Performance | Low |
Improve Data Object root class listing loading times. Improve Data Object root class listing loading times. Source: llm_adapter@2026-05-27 Confidence: high |
— |
| Bugfix | Medium |
Fix Time-Filter in Application Logs not working. Fix Time-Filter in Application Logs not working. Source: llm_adapter@2026-05-27 Confidence: high |
— |
Full changelog
What's Changed
- [Task]: Improve Data Object root class listing loading times by @kingjia90 in https://github.com/pimcore/pimcore/pull/19142
- [Bug, EC] PEES-946: Time-Filter in Application Logs not working by @robertSt7 in https://github.com/pimcore/pimcore/pull/19141
- [Security]: Enhance Class Definition security by @kingjia90 in https://github.com/pimcore/pimcore/pull/19145
- Fix example in
01_Loading_Service_Definitions.mdby @jdreesen in https://github.com/pimcore/pimcore/pull/19047
Full Changelog: https://github.com/pimcore/pimcore/compare/v12.3.7...v12.3.8
Security Fixes
- Enhance Class Definition security.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
Related context
Related tools
Beta — feedback welcome: [email protected]