Adobe Commerce 2.4.5-p4 is a security release that provides three security fixes that enhance your Adobe Commerce 2.4.5 or Magento Open Source 2.4.5 deployment. It provides fixes for vulnerabilities that have been identified in previous releases.
jQuery-UI library version 1.13.1 has a known security vulnerability (CVE-2022-31160) that affects multiple versions of Adobe Commerce and Magento Open Source. This library is a dependency of Adobe Commerce and Magento Open Source 2.4.4, 2.4.5, and 2.4.6. Merchants running affected deployments should apply the patch specified in the jQuery UI security vulnerability CVE-2022-31160 fix for 2.4.4, 2.4.5, and 2.4.6 releases Knowledge Base article.
Security enhancements for this release improve compliance with the latest security best practices. These improvements include three security fixes.
This patch includes three security fixes. See Adobe Security Bulletin for the latest discussion of these fixed issues.
For instructions on downloading and applying security patches (including patch 2.4.5-p4), see Quick start install.
For general information about security patches, see Introducing the New Security Patch Release.