Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS04ZmoyLTU4N3ctNXdocs4AA9d3

Moderate EPSS: 0.0032% (0.54489 Percentile) EPSS:
Permalink JSON

aimeos/ai-admin-jsonadm improper access control vulnerability allows editors to remove required records

Affected Packages Affected Versions Fixed Versions
packagist:aimeos/ai-admin-jsonadm < 2020.10.13, >= 2021.04.1, < 2021.10.6, >= 2022.04.1, < 2022.10.3, >= 2023.04.1, < 2023.10.4, = 2024.04.1 2020.10.13, 2021.10.6, 2022.10.3, 2023.10.4, 2024.04.2
8 Dependent packages
66 Dependent repositories
307,395 Downloads total

Affected Version Ranges

All affected versions

2016.7.1, 2016.7.2, 2016.10.1, 2017.1.1, 2017.1.2, 2017.4.1, 2017.4.2, 2017.4.3, 2017.4.4, 2017.7.1, 2017.7.2, 2017.7.3, 2017.10.1, 2017.10.2, 2017.10.3, 2017.10.4, 2017.10.5, 2018.1.1, 2018.1.2, 2018.4.1, 2018.4.2, 2018.4.3, 2018.7.1, 2018.7.2, 2018.7.3, 2018.10.1, 2018.10.2, 2018.10.3, 2018.10.4, 2018.10.5, 2019.1.1, 2019.4.1, 2019.4.2, 2019.4.3, 2019.7.1, 2019.7.2, 2019.7.3, 2019.10.1, 2019.10.2, 2019.10.3, 2019.10.4, 2019.10.5, 2019.10.6, 2019.10.7, 2019.10.8, 2020.1.1, 2020.4.1, 2020.4.2, 2020.7.1, 2020.7.2, 2020.10.1, 2020.10.2, 2020.10.3, 2020.10.4, 2020.10.5, 2020.10.6, 2020.10.7, 2020.10.8, 2020.10.9, 2020.10.10, 2020.10.11, 2020.10.12, 2021.4.1, 2021.4.2, 2021.4.3, 2021.7.1, 2021.7.2, 2021.7.3, 2021.10.1, 2021.10.2, 2021.10.3, 2021.10.4, 2021.10.5, 2022.4.1, 2022.4.2, 2022.7.1, 2022.10.1, 2022.10.2, 2023.4.1, 2023.7.1, 2023.10.1, 2023.10.2, 2023.10.3, 2024.4.1

All unaffected versions

2020.10.13, 2021.10.6, 2022.10.3, 2023.10.4, 2023.10.5, 2024.4.2, 2024.7.1, 2024.10.1, 2024.10.2, 2024.10.3, 2025.4.1

Improper access control allows editors to remove admin group and locale configuration in Aimeos backend

References:

Identifiers

GHSA-8fj2-587w-5whr

CVE-2024-39322

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.0032

EPSS Percentile: 0.54489

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/aimeos/ai-admin-jsonadm

Date and time

Published

about 1 year ago

Updated

about 1 year ago

API

JSON