Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/prestashop/prestashop@9.1.0-beta.1
purl pkg:composer/prestashop/prestashop@9.1.0-beta.1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-cf1h-m5xj-mfc5 PrestaShop affected by time based enumeration in FO login form ### Impact A time-based user enumeration vulnerability in the user authentication functionality of PrestaShop. This vulnerability allows an attacker to determine whether a customer account exists in the system by measuring response times. ### Patches 8.2.4 and 9.0.3 ### Workarounds none ### References Found by Lam Yiu Tung CVE-2026-25597
GHSA-67v7-3g49-mxh2

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-17T00:15:26.287039+00:00 GitLab Importer Fixing VCID-cf1h-m5xj-mfc5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/prestashop/prestashop/GHSA-67v7-3g49-mxh2.yml 38.4.0
2026-04-17T00:14:52.214017+00:00 GitLab Importer Fixing VCID-cf1h-m5xj-mfc5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/prestashop/prestashop/CVE-2026-25597.yml 38.4.0
2026-04-12T01:39:29.238277+00:00 GitLab Importer Fixing VCID-cf1h-m5xj-mfc5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/prestashop/prestashop/GHSA-67v7-3g49-mxh2.yml 38.3.0
2026-04-12T01:38:52.367086+00:00 GitLab Importer Fixing VCID-cf1h-m5xj-mfc5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/prestashop/prestashop/CVE-2026-25597.yml 38.3.0
2026-04-03T01:48:24.506274+00:00 GitLab Importer Fixing VCID-cf1h-m5xj-mfc5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/prestashop/prestashop/GHSA-67v7-3g49-mxh2.yml 38.1.0
2026-04-03T01:47:49.442291+00:00 GitLab Importer Fixing VCID-cf1h-m5xj-mfc5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/prestashop/prestashop/CVE-2026-25597.yml 38.1.0