CVE-2025-49554
published 2025-08-12CVE-2025-49554: Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | adobe_commerce | <= 2.4.4-p14 | — |
| adobe | commerce | < 2.4.4 | 2.4.4 |
| adobe | commerce | — | — |
| adobe | commerce | — | — |
| adobe | commerce | — | — |
| adobe | commerce | — | — |
| adobe | commerce | — | — |
| adobe | commerce_b2b | < 1.3.3 | 1.3.3 |
| adobe | commerce_b2b | — | — |
| adobe | commerce_b2b | — | — |
| adobe | commerce_b2b | — | — |
| adobe | commerce_b2b | — | — |
| adobe | commerce_b2b | — | — |
| adobe | commerce_b2b | — | — |
| adobe | magento | < 2.4.5 | 2.4.5 |
| adobe | magento | — | — |
| adobe | magento | — | — |
| adobe | magento | — | — |
| adobe | magento | — | — |
| adobe | magento | — | — |
| magento | community-edition | >= 0 < 2.4.5-p14 | 2.4.5-p14 |
| magento | community-edition | >= 2.4.6-p1 < 2.4.6-p12 | 2.4.6-p12 |
| magento | community-edition | >= 2.4.7-beta1 < 2.4.7-p7 | 2.4.7-p7 |
| magento | community-edition | >= 2.4.8-beta1 < 2.4.8-p2 | 2.4.8-p2 |
| magento | community-edition | >= 2.4.9-alpha1 < 2.4.9-alpha2 | 2.4.9-alpha2 |