Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/108309?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/108309?format=api", "purl": "pkg:composer/magento/community-edition@0.1.0-alpha103", "type": "composer", "namespace": "magento", "name": "community-edition", "version": "0.1.0-alpha103", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.9.2+1", "latest_non_vulnerable_version": "2.4.9-alpha3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12036?format=api", "vulnerability_id": "VCID-36ac-e8pr-gkca", "summary": "Cross-Site Request Forgery (CSRF)\nMagento Community Edition and Enterprise Edition have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09149", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5301" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2010-and-212-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2010-and-212-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5301", "reference_id": "CVE-2018-5301", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5301" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53780?format=api", "purl": "pkg:composer/magento/community-edition@2.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/53781?format=api", "purl": "pkg:composer/magento/community-edition@2.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-t7ae-1xen-tqav" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.2" } ], "aliases": [ "CVE-2018-5301", "GHSA-w3mq-67mw-3p9f" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36ac-e8pr-gkca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148743?format=api", "vulnerability_id": "VCID-73jm-z8yc-n3eh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23629", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7887" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7887.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7887.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7887.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7887.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7887.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7887.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7887", "reference_id": "CVE-2019-7887", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7887" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417168?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B2" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/77891?format=api", "purl": "pkg:composer/magento/community-edition@2.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7887", "GHSA-rj8f-g5gm-jw5c" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73jm-z8yc-n3eh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148756?format=api", "vulnerability_id": "VCID-77v3-4g9b-mbg8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7909" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7909.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7909.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7909.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7909.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7909.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7909.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7909", "reference_id": "CVE-2019-7909", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7909" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417168?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B2" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/77891?format=api", "purl": "pkg:composer/magento/community-edition@2.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7909", "GHSA-pw2f-m22m-p75c" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77v3-4g9b-mbg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148750?format=api", "vulnerability_id": "VCID-8azw-t94j-7bda", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7897" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7897.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7897.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7897.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7897.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7897.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7897.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7897", "reference_id": "CVE-2019-7897", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7897" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417168?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B2" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/77891?format=api", "purl": "pkg:composer/magento/community-edition@2.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7897", "GHSA-jxp3-mmw7-8285" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8azw-t94j-7bda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163886?format=api", "vulnerability_id": "VCID-dcfx-5qz2-aybr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46684", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758", "reference_id": "CVE-2020-3758", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3758", "GHSA-p5q3-xg47-653m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcfx-5qz2-aybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163845?format=api", "vulnerability_id": "VCID-dsp2-hyhy-ekbj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51199", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717", "reference_id": "CVE-2020-3717", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3717", "GHSA-874g-pxqp-frqp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dsp2-hyhy-ekbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163844?format=api", "vulnerability_id": "VCID-qp9f-r8g6-huhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17339", "scoring_system": "epss", "scoring_elements": "0.95164", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716", "reference_id": "CVE-2020-3716", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3716", "GHSA-9wc9-498w-h8xv" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qp9f-r8g6-huhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148772?format=api", "vulnerability_id": "VCID-t74p-crez-wyhv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7935" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7935.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7935.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7935.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7935", "reference_id": "CVE-2019-7935", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7935" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417168?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B2" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/77891?format=api", "purl": "pkg:composer/magento/community-edition@2.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7935", "GHSA-5c4g-p858-498x" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t74p-crez-wyhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13525?format=api", "vulnerability_id": "VCID-t7ae-1xen-tqav", "summary": "SQL Injection\nAn unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60108", "scoring_system": "epss", "scoring_elements": "0.983", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7139" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://magento.com/security/patches/supee-11086", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/supee-11086" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://www.ambionics.io/blog/magento-sqli", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.ambionics.io/blog/magento-sqli" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7139", "reference_id": "CVE-2019-7139", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7139" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-4j6w-9rf8-hg7r", "reference_id": "GHSA-4j6w-9rf8-hg7r", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4j6w-9rf8-hg7r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/56765?format=api", "purl": "pkg:composer/magento/community-edition@2.1.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/77891?format=api", "purl": "pkg:composer/magento/community-edition@2.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/56766?format=api", "purl": "pkg:composer/magento/community-edition@2.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/56767?format=api", "purl": "pkg:composer/magento/community-edition@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7139", "GHSA-4j6w-9rf8-hg7r" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t7ae-1xen-tqav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163847?format=api", "vulnerability_id": "VCID-tr2c-pvrf-ybd8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79849", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719", "reference_id": "CVE-2020-3719", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3719", "GHSA-rr59-pjwj-6grj" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tr2c-pvrf-ybd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163846?format=api", "vulnerability_id": "VCID-vnpj-71vh-pkb2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08697", "scoring_system": "epss", "scoring_elements": "0.92612", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718", "reference_id": "CVE-2020-3718", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3718", "GHSA-x9p7-vgp2-9pq2" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnpj-71vh-pkb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97820?format=api", "vulnerability_id": "VCID-wcq9-efp5-f3cq", "summary": "", "references": [ { "reference_url": "http://blog.mindedsecurity.com/2015/09/autoloaded-file-inclusion-in-magento.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://blog.mindedsecurity.com/2015/09/autoloaded-file-inclusion-in-magento.html" }, { "reference_url": "http://karmainsecurity.com/KIS-2015-04", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://karmainsecurity.com/KIS-2015-04" }, { "reference_url": "http://magento.com/security/patches/supee-6482", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://magento.com/security/patches/supee-6482" }, { "reference_url": "http://packetstormsecurity.com/files/133544/Magento-1.9.2-File-Inclusion.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/133544/Magento-1.9.2-File-Inclusion.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02665", "scoring_system": "epss", "scoring_elements": "0.86054", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6497" }, { "reference_url": "http://seclists.org/fulldisclosure/2015/Sep/48", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2015/Sep/48" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6497", "reference_id": "CVE-2015-6497", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6497" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417300?format=api", "purl": "pkg:composer/magento/community-edition@1.9.2%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.2%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" } ], "aliases": [ "CVE-2015-6497", "GHSA-j4fq-3fm7-wh5v" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wcq9-efp5-f3cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163843?format=api", "vulnerability_id": "VCID-xpw6-2hr1-9qge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45441", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715", "reference_id": "CVE-2020-3715", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3715", "GHSA-mgg3-v948-2vgr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xpw6-2hr1-9qge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148771?format=api", "vulnerability_id": "VCID-yxpr-kard-n7cr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7934" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7934.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7934.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7934.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7934", "reference_id": "CVE-2019-7934", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7934" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417168?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B2" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/77891?format=api", "purl": "pkg:composer/magento/community-edition@2.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-e514-8tra-9kg2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7934", "GHSA-77mv-p94f-qcq4" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yxpr-kard-n7cr" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@0.1.0-alpha103" }