This is a security patch release addressing two security vulnerabilities. All users are strongly encouraged to upgrade immediately.
Security Fixes
- GHSA-g268-72p7-9j6j (
spree_apigem) - GHSA-p6pv-q7rc-g4h9 (
spree_storefrontgem)
Supported Versions
Security patches are available for all currently supported Spree versions:
| Version | Patched Release | EOL Date |
|---|---|---|
| 5.0 | 5.0.7 | March 2028 |
| 4.10 | 4.10.2 | September 2027 |
If you're running an unsupported version, please upgrade as soon as possible. Unsupported versions will not receive security patches. Need help upgrading? Contact the Spree team.
Upgrade
bundle update