5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.4%
Digital downloads sold in online shops can be downloaded without valid payment, e.g. if the payment didn’t succeed.
New versions for the Aimeos HTML client 2020-2024 are available
github.com/advisories/GHSA-v4g2-cm5v-cxv7
github.com/aimeos/ai-client-html/commit/12d8aad1a373bf9d350872501adec3e222164f83
github.com/aimeos/ai-client-html/commit/5a7249769142b3ce70959ab1fb70c7e7c251e214
github.com/aimeos/ai-client-html/commit/6460ffe8f4929d864164aa96c5b49eca5326d975
github.com/aimeos/ai-client-html/commit/7f01d2f4fbc67f5231fd84adeb835d28252b8409
github.com/aimeos/ai-client-html/commit/fc611ff9a57e421d0ad9d99346b561cea515c5f0
github.com/aimeos/ai-client-html/security/advisories/GHSA-v4g2-cm5v-cxv7
nvd.nist.gov/vuln/detail/CVE-2024-37296
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.4%