cancel
Showing results for 
Search instead for 
Did you mean: 

Are 2.4.3 Systems affected by the recently patched security issues

SOLVED

Are 2.4.3 Systems affected by the recently patched security issues

The recently released security patches 2.4.5-p1 and 2.4.4-p2 fixed a severe vulnerability concerning Cross-Site Scripting.

The patch notes do not mention 2.4.3 in any shape or form despite support for those versions still going on until November.

Does this mean that the security issues do not concern 2.4.3 or did the support stop prematurely?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Are 2.4.3 Systems affected by the recently patched security issues

Some news about this: Not all Versions are affected and the Patch-notes were updated. Also there are not hotfixes. Check out this Github-thread, it has all the information required to get a grip on the security issue: https://github.com/magento/magento2/issues/36294

View solution in original post

4 REPLIES 4

Re: Are 2.4.3 Systems affected by the recently patched security issues

ALL Versions!!!!

 

https://helpx.adobe.com/security/products/magento/apsb22-48.html

--------------------------------------------------------------

Affected Versions Product Version Platform
Adobe Commerce 2.4.4-p1 and earlier versions  All
2.4.5 and earlier versions  All

 

We are 2 Weeks close to upgrading, but we cant speed that up much more.

 

What can we do untill then?

Re: Are 2.4.3 Systems affected by the recently patched security issues

We where not ablet o upgrade the last month because of massive changes in PHP which needed alot Plug-in updates.

 

We are not alone there are at least 60% of the instances which are old.

 

Adobe need to bing out patches for older version ASAP.

Re: Are 2.4.3 Systems affected by the recently patched security issues

Re: Are 2.4.3 Systems affected by the recently patched security issues

Some news about this: Not all Versions are affected and the Patch-notes were updated. Also there are not hotfixes. Check out this Github-thread, it has all the information required to get a grip on the security issue: https://github.com/magento/magento2/issues/36294