aimeos/ai-admin-graphql

Packagist3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting aimeos/ai-admin-graphqlpage 1 of 1

CVE-2024-39323HIGHCVSS 7.1EG 7.1✓ Fixed in 2024.04.6
2024-07-02
vulnerable: 2024.04.1, 2024.04.2, 2024.04.3, 2024.04.4, 2024.04.5
aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.01 and prior to versions 2022.10.10, 2023.10.6, and 2024.04.6, an improper access control vulnerability allows an editor to modify and take over…
CVE-2024-39324LOWCVSS 3.8EG 3.8✓ Fixed in 2024.04.2
2024-07-02
vulnerable: 2024.04.1
aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.1 and prior to versions 2022.10.10, 2023.10.6, and 2024.4.2, improper access control allows a editors to manage own services via GraphQL API whi…
CVE-2024-47173MEDIUMCVSS 5.5EG 5.5✓ Fixed in 2024.07.2
2024-10-24
vulnerable: 2024.04.1 ... 2024.07.1 (8 versions)
Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. Version 2024.07.2 fixes the issue.

Check whether aimeos/ai-admin-graphql is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for aimeos/ai-admin-graphql CVEs against the assets you own.

Start Free Scan →