Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction.
The product checks the state of a resource before using that resource, but the resource’s state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Commerce | Adobe | 2.4.4 (including) | 2.4.4 (including) |
| Commerce | Adobe | 2.4.4-p1 (including) | 2.4.4-p1 (including) |
| Commerce | Adobe | 2.4.4-p10 (including) | 2.4.4-p10 (including) |
| Commerce | Adobe | 2.4.4-p2 (including) | 2.4.4-p2 (including) |
| Commerce | Adobe | 2.4.4-p3 (including) | 2.4.4-p3 (including) |
| Commerce | Adobe | 2.4.4-p4 (including) | 2.4.4-p4 (including) |
| Commerce | Adobe | 2.4.4-p5 (including) | 2.4.4-p5 (including) |
| Commerce | Adobe | 2.4.4-p6 (including) | 2.4.4-p6 (including) |
| Commerce | Adobe | 2.4.4-p7 (including) | 2.4.4-p7 (including) |
| Commerce | Adobe | 2.4.4-p8 (including) | 2.4.4-p8 (including) |
| Commerce | Adobe | 2.4.4-p9 (including) | 2.4.4-p9 (including) |
| Commerce | Adobe | 2.4.5 (including) | 2.4.5 (including) |
| Commerce | Adobe | 2.4.5-p1 (including) | 2.4.5-p1 (including) |
| Commerce | Adobe | 2.4.5-p2 (including) | 2.4.5-p2 (including) |
| Commerce | Adobe | 2.4.5-p3 (including) | 2.4.5-p3 (including) |
| Commerce | Adobe | 2.4.5-p4 (including) | 2.4.5-p4 (including) |
| Commerce | Adobe | 2.4.5-p5 (including) | 2.4.5-p5 (including) |
| Commerce | Adobe | 2.4.5-p6 (including) | 2.4.5-p6 (including) |
| Commerce | Adobe | 2.4.5-p7 (including) | 2.4.5-p7 (including) |
| Commerce | Adobe | 2.4.5-p8 (including) | 2.4.5-p8 (including) |
| Commerce | Adobe | 2.4.5-p9 (including) | 2.4.5-p9 (including) |
| Commerce | Adobe | 2.4.6 (including) | 2.4.6 (including) |
| Commerce | Adobe | 2.4.6-p1 (including) | 2.4.6-p1 (including) |
| Commerce | Adobe | 2.4.6-p2 (including) | 2.4.6-p2 (including) |
| Commerce | Adobe | 2.4.6-p3 (including) | 2.4.6-p3 (including) |
| Commerce | Adobe | 2.4.6-p4 (including) | 2.4.6-p4 (including) |
| Commerce | Adobe | 2.4.6-p5 (including) | 2.4.6-p5 (including) |
| Commerce | Adobe | 2.4.6-p6 (including) | 2.4.6-p6 (including) |
| Commerce | Adobe | 2.4.6-p7 (including) | 2.4.6-p7 (including) |
| Commerce | Adobe | 2.4.7 (including) | 2.4.7 (including) |
| Commerce | Adobe | 2.4.7-b1 (including) | 2.4.7-b1 (including) |
| Commerce | Adobe | 2.4.7-b2 (including) | 2.4.7-b2 (including) |
| Commerce | Adobe | 2.4.7-p1 (including) | 2.4.7-p1 (including) |
| Commerce | Adobe | 2.4.7-p2 (including) | 2.4.7-p2 (including) |
| Commerce_b2b | Adobe | 1.3.3 (including) | 1.3.3 (including) |
| Commerce_b2b | Adobe | 1.3.3-p10 (including) | 1.3.3-p10 (including) |
| Commerce_b2b | Adobe | 1.3.4 (including) | 1.3.4 (including) |
| Commerce_b2b | Adobe | 1.3.4-p9 (including) | 1.3.4-p9 (including) |
| Commerce_b2b | Adobe | 1.3.5 (including) | 1.3.5 (including) |
| Commerce_b2b | Adobe | 1.3.5-p7 (including) | 1.3.5-p7 (including) |
| Commerce_b2b | Adobe | 1.4.2 (including) | 1.4.2 (including) |
| Commerce_b2b | Adobe | 1.4.2-p1 (including) | 1.4.2-p1 (including) |
| Commerce_b2b | Adobe | 1.4.2-p2 (including) | 1.4.2-p2 (including) |
| Magento | Adobe | 2.4.4 (including) | 2.4.4 (including) |
| Magento | Adobe | 2.4.4-p1 (including) | 2.4.4-p1 (including) |
| Magento | Adobe | 2.4.4-p10 (including) | 2.4.4-p10 (including) |
| Magento | Adobe | 2.4.4-p2 (including) | 2.4.4-p2 (including) |
| Magento | Adobe | 2.4.4-p3 (including) | 2.4.4-p3 (including) |
| Magento | Adobe | 2.4.4-p4 (including) | 2.4.4-p4 (including) |
| Magento | Adobe | 2.4.4-p5 (including) | 2.4.4-p5 (including) |
| Magento | Adobe | 2.4.4-p6 (including) | 2.4.4-p6 (including) |
| Magento | Adobe | 2.4.4-p7 (including) | 2.4.4-p7 (including) |
| Magento | Adobe | 2.4.4-p8 (including) | 2.4.4-p8 (including) |
| Magento | Adobe | 2.4.4-p9 (including) | 2.4.4-p9 (including) |
| Magento | Adobe | 2.4.5 (including) | 2.4.5 (including) |
| Magento | Adobe | 2.4.5-p1 (including) | 2.4.5-p1 (including) |
| Magento | Adobe | 2.4.5-p2 (including) | 2.4.5-p2 (including) |
| Magento | Adobe | 2.4.5-p3 (including) | 2.4.5-p3 (including) |
| Magento | Adobe | 2.4.5-p4 (including) | 2.4.5-p4 (including) |
| Magento | Adobe | 2.4.5-p5 (including) | 2.4.5-p5 (including) |
| Magento | Adobe | 2.4.5-p6 (including) | 2.4.5-p6 (including) |
| Magento | Adobe | 2.4.5-p7 (including) | 2.4.5-p7 (including) |
| Magento | Adobe | 2.4.5-p8 (including) | 2.4.5-p8 (including) |
| Magento | Adobe | 2.4.5-p9 (including) | 2.4.5-p9 (including) |
| Magento | Adobe | 2.4.6 (including) | 2.4.6 (including) |
| Magento | Adobe | 2.4.6-p1 (including) | 2.4.6-p1 (including) |
| Magento | Adobe | 2.4.6-p2 (including) | 2.4.6-p2 (including) |
| Magento | Adobe | 2.4.6-p3 (including) | 2.4.6-p3 (including) |
| Magento | Adobe | 2.4.6-p4 (including) | 2.4.6-p4 (including) |
| Magento | Adobe | 2.4.6-p5 (including) | 2.4.6-p5 (including) |
| Magento | Adobe | 2.4.6-p6 (including) | 2.4.6-p6 (including) |
| Magento | Adobe | 2.4.6-p7 (including) | 2.4.6-p7 (including) |
| Magento | Adobe | 2.4.7 (including) | 2.4.7 (including) |
| Magento | Adobe | 2.4.7-b1 (including) | 2.4.7-b1 (including) |
| Magento | Adobe | 2.4.7-p1 (including) | 2.4.7-p1 (including) |
| Magento | Adobe | 2.4.7-p2 (including) | 2.4.7-p2 (including) |