Upon logging into Magento admin, the following popup shows up. When the link is clicked, it is going to some informational document instead of anything that speaks about security patches to be installed. Please let me know whether I can ignore it or not. We're using Magento CE 2.4.4
Magento 2.4.4 Security – New Security Patches Now Available
admin-panelmagento2notificationsecurity-patch
Best Answer
There is a security update available for Adobe Commerce - Magento | APSB22-48
Affected products and versions Adobe Commerce on cloud infrastructure and on-premises, and Magento Open Source:
There are 2 solutions to apply this update:
In case someone looking for a hotfix for Magento 2.3.7-p3 or 2.3.7-p4, you can use the hotfix for 2.4.3-p2, 2.4.3-p3 due to it being compatible and working as expected.
If you are not sure which version was affected by this vulnerability (CVE-2022-35698), take a look at this post to read more details about it https://magetu.com/adobe-commerce-and-magento-open-source-security-hotfix-for-cve-2022-35698-and-hotfix-patches-for-2-3-7-p3-2-3-7-p4/