{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T21:25:34.574","vulnerabilities":[{"cve":{"id":"CVE-2021-36044","sourceIdentifier":"psirt@adobe.com","published":"2021-09-01T15:15:10.350","lastModified":"2024-11-21T06:13:00.963","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could abuse this vulnerability to cause a server-side denial-of-service using a GraphQL field."},{"lang":"es","value":"Magento Commerce versiones 2.4.2 (y anteriores), versiones 2.4.2-p1 (y anteriores), y versiones 2.3.7 (y anteriores), están afectadas por una vulnerabilidad de comprobación Inapropiada de Entrada. Un atacante no autenticado podría abusar de esta vulnerabilidad para causar una denegación de servicio del lado del servidor usando un campo GraphQL"}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:adobe_commerce:*:*:*:*:*:*:*:*","versionStartIncluding":"2.3.0","versionEndIncluding":"2.3.7","matchCriteriaId":"72F005E6-8523-49FF-91F7-644BC737DDEF"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:adobe_commerce:*:*:*:*:*:*:*:*","versionStartIncluding":"2.4.0","versionEndIncluding":"2.4.2","matchCriteriaId":"260156B9-9CEF-4732-AD94-7D3CCD784F1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:adobe_commerce:2.4.2:p1:*:*:*:*:*:*","matchCriteriaId":"C711D725-10E3-4A9C-AAD8-9B1766CB42F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:magento_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"2.3.0","versionEndIncluding":"2.3.7","matchCriteriaId":"052A5E47-66AF-4F60-8949-E2B6CE98AEE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:magento_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"2.4.0","versionEndIncluding":"2.4.2","matchCriteriaId":"ADE9F2A6-575A-48DA-ACE4-B22ABB275B6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:magento_open_source:2.4.2:p1:*:*:*:*:*:*","matchCriteriaId":"8F768F94-34F1-4FB8-8D96-3BBC9D6B8C89"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","source":"psirt@adobe.com","tags":["Patch","Vendor Advisory"]},{"url":"https://helpx.adobe.com/security/products/magento/apsb21-64.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}