Search for packages
| purl | pkg:composer/prestashop/prestashop@9.0.3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-cf1h-m5xj-mfc5 | PrestaShop affected by time based enumeration in FO login form ### Impact A time-based user enumeration vulnerability in the user authentication functionality of PrestaShop. This vulnerability allows an attacker to determine whether a customer account exists in the system by measuring response times. ### Patches 8.2.4 and 9.0.3 ### Workarounds none ### References Found by Lam Yiu Tung |
CVE-2026-25597
GHSA-67v7-3g49-mxh2 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T16:07:55.233382+00:00 | GHSA Importer | Fixing | VCID-cf1h-m5xj-mfc5 | https://github.com/advisories/GHSA-67v7-3g49-mxh2 | 38.0.0 |
| 2026-04-01T12:53:48.133271+00:00 | GitLab Importer | Fixing | VCID-cf1h-m5xj-mfc5 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/prestashop/prestashop/GHSA-67v7-3g49-mxh2.yml | 38.0.0 |
| 2026-04-01T12:53:47.075668+00:00 | GitLab Importer | Fixing | VCID-cf1h-m5xj-mfc5 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/prestashop/prestashop/CVE-2026-25597.yml | 38.0.0 |
| 2026-04-01T12:52:37.516038+00:00 | GithubOSV Importer | Fixing | VCID-cf1h-m5xj-mfc5 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/02/GHSA-67v7-3g49-mxh2/GHSA-67v7-3g49-mxh2.json | 38.0.0 |