GHSA-qxgx-hvg3-v92w

Suggest an improvement
Source
https://github.com/advisories/GHSA-qxgx-hvg3-v92w
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-qxgx-hvg3-v92w/GHSA-qxgx-hvg3-v92w.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-qxgx-hvg3-v92w
Aliases
  • CVE-2024-47173
Published
2024-10-24T17:48:40Z
Modified
2024-10-24T22:06:36.312546Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H CVSS Calculator
Summary
ai-admin-graphql has a Denial of service vulnerability in SaaS and marketplace setups
Details

All SaaS and marketplace setups using Aimeos version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack

References

Affected packages

Packagist / aimeos/ai-admin-graphql

Package

Name
aimeos/ai-admin-graphql
Purl
pkg:composer/aimeos/ai-admin-graphql

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2024.04.1
Fixed
2024.07.2

Affected versions

2024.*

2024.04.1
2024.04.2
2024.04.3
2024.04.4
2024.04.5
2024.04.6
2024.04.7
2024.07.1