Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2024-34111

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction..

CVSS v3:

  • Severity: High
  • Score: 8.8
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
adobe / commerce 2.3.7-p1 2.3.7-p1.x
adobe / commerce 2.4.3 2.4.3.x
adobe / commerce 2.3.7-p2 2.3.7-p2.x
adobe / commerce 2.4.4 2.4.4.x
adobe / commerce 2.3.7 2.3.7.x
adobe / commerce 2.3.7-p3 2.3.7-p3.x
adobe / commerce 2.4.5 2.4.5.x
adobe / commerce 2.4.4-p1 2.4.4-p1.x
adobe / commerce 2.4.5-p1 2.4.5-p1.x
adobe / commerce 2.4.4-p2 2.4.4-p2.x
adobe / commerce 2.4.5-p2 2.4.5-p2.x
adobe / commerce 2.4.4-p3 2.4.4-p3.x
adobe / commerce 2.4.6 2.4.6.x
adobe / magento 2.4.4 2.4.4.x
adobe / magento 2.4.4-p1 2.4.4-p1.x
adobe / magento 2.4.4-p2 2.4.4-p2.x
adobe / magento 2.4.4-p3 2.4.4-p3.x
adobe / magento 2.4.5 2.4.5.x
adobe / magento 2.4.5-p1 2.4.5-p1.x
adobe / magento 2.4.5-p2 2.4.5-p2.x
adobe / magento 2.4.6 2.4.6.x
adobe / commerce 2.3.7-p4-ext2 2.3.7-p4-ext2.x
adobe / commerce 2.3.7-p4-ext1 2.3.7-p4-ext1.x
adobe / commerce 2.3.7-p4 2.3.7-p4.x
adobe / commerce 2.4.0 2.4.0.x
adobe / commerce 2.4.0-ext-1 2.4.0-ext-1.x
adobe / commerce 2.4.0-ext-2 2.4.0-ext-2.x
adobe / commerce 2.4.1 2.4.1.x
adobe / commerce 2.4.1-ext-1 2.4.1-ext-1.x
adobe / commerce 2.4.1-ext-2 2.4.1-ext-2.x
adobe / commerce 2.4.2 2.4.2.x
adobe / commerce 2.4.2-ext-1 2.4.2-ext-1.x
adobe / commerce 2.4.2-ext-2 2.4.2-ext-2.x
adobe / commerce 2.4.3-ext-2 2.4.3-ext-2.x
adobe / commerce 2.4.3-ext-1 2.4.3-ext-1.x
adobe / commerce 2.4.4-p4 2.4.4-p4.x
adobe / commerce 2.4.5-p3 2.4.5-p3.x
adobe / commerce 2.4.6-p1 2.4.6-p1.x
adobe / magento 2.4.6-p2 2.4.6-p2.x
adobe / magento 2.4.6-p1 2.4.6-p1.x
adobe / magento 2.4.7-b1 2.4.7-b1.x
adobe / commerce 2.4.5-p4 2.4.5-p4.x
adobe / magento 2.4.5-p3 2.4.5-p3.x
adobe / magento 2.4.5-p4 2.4.5-p4.x
adobe / commerce 2.4.4-p5 2.4.4-p5.x
adobe / commerce 2.4.5-p5 2.4.5-p5.x
adobe / commerce 2.4.6-p2 2.4.6-p2.x
adobe / commerce 2.4.3-ext-4 2.4.3-ext-4.x
adobe / commerce 2.4.3-ext-3 2.4.3-ext-3.x
adobe / commerce 2.4.2-ext-4 2.4.2-ext-4.x
adobe / commerce 2.4.2-ext-3 2.4.2-ext-3.x
adobe / commerce 2.4.1-ext-4 2.4.1-ext-4.x
adobe / commerce 2.4.1-ext-3 2.4.1-ext-3.x
adobe / commerce 2.4.0-ext-4 2.4.0-ext-4.x
adobe / commerce 2.4.0-ext-3 2.4.0-ext-3.x
adobe / commerce 2.3.7-p4-ext4 2.3.7-p4-ext4.x
adobe / commerce 2.3.7-p4-ext3 2.3.7-p4-ext3.x
adobe / commerce 2.4.6-p3 2.4.6-p3.x
adobe / commerce 2.4.4-p6 2.4.4-p6.x
adobe / magento 2.4.6-p4 2.4.6-p4.x
adobe / magento 2.4.6-p5 2.4.6-p5.x
adobe / magento 2.4.5-p5 2.4.5-p5.x
adobe / magento 2.4.5-p6 2.4.5-p6.x
adobe / magento 2.4.5-p7 2.4.5-p7.x
adobe / magento 2.4.4-p7 2.4.4-p7.x
adobe / magento 2.4.4-p6 2.4.4-p6.x
adobe / magento 2.4.4-p5 2.4.4-p5.x
adobe / magento 2.4.4-p4 2.4.4-p4.x
adobe / magento 2.4.6-p3 2.4.6-p3.x
adobe / commerce_webhooks 1.2.0 1.4.0.x
adobe / magento 2.4.4-p8 2.4.4-p8.x
magento / community-edition 2.4.7 2.4.7.x
magento / community-edition 2.4.6 2.4.6.x
magento / community-edition 2.4.5 2.4.5.x
magento / community-edition 2.4.4 2.4.4.x
magento / community-edition 2.4.6-p1 2.4.6-p6
magento / community-edition 2.4.5-p1 2.4.5-p8
magento / community-edition - 2.4.4-p9