GHSA-4f89-5cwm-rm5g · Severity: medium · Ecosystem: composer — Magento Open Source Information Exposure vulnerability
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.
Conclusion & alert: CVE-2024-45134 is rated Low Risk (26.8/100): CVSS Low severity, with low exploitation likelihood (EPSS 0.61%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.16% | 0.61% | +0.45% |
| 2 | 2026-06-14 | 0.10% | 0.16% | +0.06% |
| 3 | 2025-11-21 | — | 0.10% | — |
Full EPSS history (14 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 2.7 | 3.1 | LOW |
|
1.2 | 1.4 | [email protected] |
GHSA-4f89-5cwm-rm5g · Severity: medium · Ecosystem: composer — Magento Open Source Information Exposure vulnerability
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| adobe | commerce | — | cpe:2.3:a:adobe:commerce:-:*:*:*:*:*:*:* |
| adobe | commerce | 2.3.7 | cpe:2.3:a:adobe:commerce:2.3.7:-:*:*:*:*:*:* |
| adobe | commerce | 2.3.7 | cpe:2.3:a:adobe:commerce:2.3.7:p1:*:*:*:*:*:* |
| adobe | commerce | 2.3.7 | cpe:2.3:a:adobe:commerce:2.3.7:p2:*:*:*:*:*:* |
| adobe | commerce | 2.3.7 | cpe:2.3:a:adobe:commerce:2.3.7:p3:*:*:*:*:*:* |
| adobe | commerce | 2.3.7 | cpe:2.3:a:adobe:commerce:2.3.7:p4:*:*:*:*:*:* |
| adobe | commerce | 2.3.7 | cpe:2.3:a:adobe:commerce:2.3.7:p4-ext1:*:*:*:*:*:* |
| adobe | commerce | 2.3.7 | cpe:2.3:a:adobe:commerce:2.3.7:p4-ext2:*:*:*:*:*:* |
| adobe | commerce | 2.3.7 | cpe:2.3:a:adobe:commerce:2.3.7:p4-ext3:*:*:*:*:*:* |
| adobe | commerce | 2.3.7 | cpe:2.3:a:adobe:commerce:2.3.7:p4-ext4:*:*:*:*:*:* |
| adobe | commerce | 2.4.0 | cpe:2.3:a:adobe:commerce:2.4.0:*:*:*:*:*:*:* |
| adobe | commerce | 2.4.0 | cpe:2.3:a:adobe:commerce:2.4.0:-:*:*:*:*:*:* |
| adobe | commerce | 2.4.0 | cpe:2.3:a:adobe:commerce:2.4.0:ext-1:*:*:*:*:*:* |
| adobe | commerce | 2.4.0 | cpe:2.3:a:adobe:commerce:2.4.0:ext-2:*:*:*:*:*:* |
| adobe | commerce | 2.4.0 | cpe:2.3:a:adobe:commerce:2.4.0:ext-3:*:*:*:*:*:* |
| adobe | commerce | 2.4.0 | cpe:2.3:a:adobe:commerce:2.4.0:ext-4:*:*:*:*:*:* |
| adobe | commerce | 2.4.1 | cpe:2.3:a:adobe:commerce:2.4.1:*:*:*:*:*:*:* |
| adobe | commerce | 2.4.1 | cpe:2.3:a:adobe:commerce:2.4.1:-:*:*:*:*:*:* |
| adobe | commerce | 2.4.1 | cpe:2.3:a:adobe:commerce:2.4.1:ext-1:*:*:*:*:*:* |
| adobe | commerce | 2.4.1 | cpe:2.3:a:adobe:commerce:2.4.1:ext-2:*:*:*:*:*:* |
| adobe | commerce | 2.4.1 | cpe:2.3:a:adobe:commerce:2.4.1:ext-3:*:*:*:*:*:* |
| adobe | commerce | 2.4.1 | cpe:2.3:a:adobe:commerce:2.4.1:ext-4:*:*:*:*:*:* |
| adobe | commerce | 2.4.2 | cpe:2.3:a:adobe:commerce:2.4.2:*:*:*:*:*:*:* |
| adobe | commerce | 2.4.2 | cpe:2.3:a:adobe:commerce:2.4.2:-:*:*:*:*:*:* |
| adobe | commerce | 2.4.2 | cpe:2.3:a:adobe:commerce:2.4.2:ext-1:*:*:*:*:*:* |
| adobe | commerce | 2.4.2 | cpe:2.3:a:adobe:commerce:2.4.2:ext-2:*:*:*:*:*:* |
| adobe | commerce | 2.4.2 | cpe:2.3:a:adobe:commerce:2.4.2:ext-3:*:*:*:*:*:* |
| adobe | commerce | 2.4.2 | cpe:2.3:a:adobe:commerce:2.4.2:ext-4:*:*:*:*:*:* |
| adobe | commerce | 2.4.2 | cpe:2.3:a:adobe:commerce:2.4.2:p1:*:*:*:*:*:* |
| adobe | commerce | 2.4.2 | cpe:2.3:a:adobe:commerce:2.4.2:p2:*:*:*:*:*:* |
| adobe | commerce | 2.4.3 | cpe:2.3:a:adobe:commerce:2.4.3:*:*:*:*:*:*:* |
| adobe | commerce | 2.4.3 | cpe:2.3:a:adobe:commerce:2.4.3:-:*:*:*:*:*:* |
| adobe | commerce | 2.4.3 | cpe:2.3:a:adobe:commerce:2.4.3:ext-1:*:*:*:*:*:* |
| adobe | commerce | 2.4.3 | cpe:2.3:a:adobe:commerce:2.4.3:ext-2:*:*:*:*:*:* |
| adobe | commerce | 2.4.3 | cpe:2.3:a:adobe:commerce:2.4.3:ext-3:*:*:*:*:*:* |
| adobe | commerce | 2.4.3 | cpe:2.3:a:adobe:commerce:2.4.3:ext-4:*:*:*:*:*:* |
| adobe | commerce | 2.4.3 | cpe:2.3:a:adobe:commerce:2.4.3:p1:*:*:*:*:*:* |
| adobe | commerce | 2.4.3 | cpe:2.3:a:adobe:commerce:2.4.3:p2:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p10:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p7:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p8:*:*:*:*:*:* |
| adobe | commerce | 2.4.4 | cpe:2.3:a:adobe:commerce:2.4.4:p9:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p6:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p7:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p8:*:*:*:*:*:* |
| adobe | commerce | 2.4.5 | cpe:2.3:a:adobe:commerce:2.4.5:p9:*:*:*:*:*:* |
| adobe | commerce | 2.4.6 | cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:* |
| adobe | commerce | 2.4.6 | cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:* |
| adobe | commerce | 2.4.6 | cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:* |
| adobe | commerce | 2.4.6 | cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:* |
| adobe | commerce | 2.4.6 | cpe:2.3:a:adobe:commerce:2.4.6:p4:*:*:*:*:*:* |
| adobe | commerce | 2.4.6 | cpe:2.3:a:adobe:commerce:2.4.6:p5:*:*:*:*:*:* |
| adobe | commerce | 2.4.6 | cpe:2.3:a:adobe:commerce:2.4.6:p6:*:*:*:*:*:* |
| adobe | commerce | 2.4.6 | cpe:2.3:a:adobe:commerce:2.4.6:p7:*:*:*:*:*:* |
| adobe | commerce | 2.4.7 | cpe:2.3:a:adobe:commerce:2.4.7:-:*:*:*:*:*:* |
| adobe | commerce | 2.4.7 | cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:* |
| adobe | commerce | 2.4.7 | cpe:2.3:a:adobe:commerce:2.4.7:b2:*:*:*:*:*:* |
| adobe | commerce | 2.4.7 | cpe:2.3:a:adobe:commerce:2.4.7:p1:*:*:*:*:*:* |
| adobe | commerce | 2.4.7 | cpe:2.3:a:adobe:commerce:2.4.7:p2:*:*:*:*:*:* |
| adobe | commerce_b2b | 1.3.3 | cpe:2.3:a:adobe:commerce_b2b:1.3.3:-:*:*:*:*:*:* |
| adobe | commerce_b2b | 1.3.3 | cpe:2.3:a:adobe:commerce_b2b:1.3.3:p10:*:*:*:*:*:* |
| adobe | commerce_b2b | 1.3.4 | cpe:2.3:a:adobe:commerce_b2b:1.3.4:-:*:*:*:*:*:* |
| adobe | commerce_b2b | 1.3.4 | cpe:2.3:a:adobe:commerce_b2b:1.3.4:p9:*:*:*:*:*:* |
| adobe | commerce_b2b | 1.3.5 | cpe:2.3:a:adobe:commerce_b2b:1.3.5:-:*:*:*:*:*:* |
| adobe | commerce_b2b | 1.3.5 | cpe:2.3:a:adobe:commerce_b2b:1.3.5:p7:*:*:*:*:*:* |
| adobe | commerce_b2b | 1.4.2 | cpe:2.3:a:adobe:commerce_b2b:1.4.2:-:*:*:*:*:*:* |
| adobe | commerce_b2b | 1.4.2 | cpe:2.3:a:adobe:commerce_b2b:1.4.2:p1:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento/apsb24-73.html | Vendor Advisory |