[HIGH] Aimeos HTML client may potentially reveal sensitive information in error log

PKSA-tv58-ct7t-887s CVE-2024-38516 GHSA-ppm5-jv84-2xg2

Affected version: >=2021.10.1,<2021.10.22|>=2022.04.1,<2022.10.13|>=2023.04.1,<2023.10.15|>=2024.04.1,<2024.04.7

Reported by:
GitHub

[MEDIUM] Digital products download without proper payment status check

PKSA-7hj5-fcz5-xrrg CVE-2024-37296 GHSA-v4g2-cm5v-cxv7

Affected version: >=2020.04.1,<2020.10.27|>=2021.04.1,<2021.10.21|>=2022.04.1,<2022.10.12|>=2023.04.1,<2023.10.14|>=2024.04.1,<2024.04.4

Reported by:
GitHub