CVE-2024-47173: ai-admin-graphql has a Denial of service vulnerability in SaaS and marketplace setups

October 24, 2024

All SaaS and marketplace setups using Aimeos version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack

References

github.com/advisories/GHSA-qxgx-hvg3-v92w
github.com/aimeos/ai-admin-graphql
github.com/aimeos/ai-admin-graphql/security/advisories/GHSA-qxgx-hvg3-v92w
nvd.nist.gov/vuln/detail/CVE-2024-47173

Detect and mitigate CVE-2024-47173 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →