Medium severity5.5NVD Advisory· Published Oct 24, 2024· Updated Apr 15, 2026

CVE-2024-47173

Description

Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. Version 2024.07.2 fixes the issue.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
aimeos/ai-admin-graphqlPackagist	>= 2024.04.1, < 2024.07.2	2024.07.2

Patches

e66a7d5d1682

https://github.com/aimeos/ai-admin-graphqlvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/advisories/GHSA-qxgx-hvg3-v92wghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2024-47173ghsaADVISORY
github.com/aimeos/ai-admin-graphql/security/advisories/GHSA-qxgx-hvg3-v92wnvdWEB

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000