Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/22778?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "type": "composer", "namespace": "magento", "name": "community-edition", "version": "2.4.1-p1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.4.6-p13", "latest_non_vulnerable_version": "2.4.9-alpha3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40651?format=api", "vulnerability_id": "VCID-141w-faqu-w3ay", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24388", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24378", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29568", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45130" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:33Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45130", "reference_id": "CVE-2024-45130", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45130" }, { "reference_url": "https://github.com/advisories/GHSA-v3v6-jfvw-m576", "reference_id": "GHSA-v3v6-jfvw-m576", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v3v6-jfvw-m576" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45130", "GHSA-v3v6-jfvw-m576" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-141w-faqu-w3ay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46533?format=api", "vulnerability_id": "VCID-158t-bqnb-83d4", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.76439", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.76449", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.76369", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.76454", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39406" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:23Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39406", "reference_id": "CVE-2024-39406", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39406" }, { "reference_url": "https://github.com/advisories/GHSA-6pxh-2557-5cj5", "reference_id": "GHSA-6pxh-2557-5cj5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6pxh-2557-5cj5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39406", "GHSA-6pxh-2557-5cj5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-158t-bqnb-83d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40581?format=api", "vulnerability_id": "VCID-16es-u6cy-u3g8", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.33844", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34043", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34021", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40898", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45149" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:46Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45149", "reference_id": "CVE-2024-45149", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45149" }, { "reference_url": "https://github.com/advisories/GHSA-w7rg-7wq2-pjrw", "reference_id": "GHSA-w7rg-7wq2-pjrw", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w7rg-7wq2-pjrw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45149", "GHSA-w7rg-7wq2-pjrw" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-16es-u6cy-u3g8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40690?format=api", "vulnerability_id": "VCID-1mpb-gzr2-53ar", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45121", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25049", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24849", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25066", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30306", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45121" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45121", "reference_id": "CVE-2024-45121", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45121" }, { "reference_url": "https://github.com/advisories/GHSA-2qhq-fw98-h6wg", "reference_id": "GHSA-2qhq-fw98-h6wg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2qhq-fw98-h6wg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45121", "GHSA-2qhq-fw98-h6wg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1mpb-gzr2-53ar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124324?format=api", "vulnerability_id": "VCID-1vq9-br2m-dbby", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04462", "scoring_system": "epss", "scoring_elements": "0.89368", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04462", "scoring_system": "epss", "scoring_elements": "0.89375", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.04462", "scoring_system": "epss", "scoring_elements": "0.89331", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04462", "scoring_system": "epss", "scoring_elements": "0.89376", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24438" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24438", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24438" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:43Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-8884-7rm9-mrx4", "reference_id": "GHSA-8884-7rm9-mrx4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8884-7rm9-mrx4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24438", "GHSA-8884-7rm9-mrx4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vq9-br2m-dbby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210450?format=api", "vulnerability_id": "VCID-2sac-dap5-67cm", "summary": "Magento Improper input validation vulnerability", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.58142", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.58029", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.58147", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.5816", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28585" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28585", "reference_id": "CVE-2021-28585", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28585" }, { "reference_url": "https://github.com/advisories/GHSA-c38m-9668-6j2w", "reference_id": "GHSA-c38m-9668-6j2w", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c38m-9668-6j2w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23441?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28585", "GHSA-c38m-9668-6j2w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2sac-dap5-67cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210309?format=api", "vulnerability_id": "VCID-2zcu-9c1u-2fhg", "summary": "Magento vulnerable to a file upload restriction bypass", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00372", "scoring_system": "epss", "scoring_elements": "0.59511", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00372", "scoring_system": "epss", "scoring_elements": "0.59401", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00372", "scoring_system": "epss", "scoring_elements": "0.59512", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00372", "scoring_system": "epss", "scoring_elements": "0.59522", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21014" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21014", "reference_id": "CVE-2021-21014", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21014" }, { "reference_url": "https://github.com/advisories/GHSA-269w-pqc7-68q9", "reference_id": "GHSA-269w-pqc7-68q9", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-269w-pqc7-68q9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22774?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21014", "GHSA-269w-pqc7-68q9" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zcu-9c1u-2fhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124201?format=api", "vulnerability_id": "VCID-313z-h2v4-c3fr", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35573", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35556", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35373", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3555", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24436" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24436", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24436" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:53Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-ghpr-6qhr-rpp8", "reference_id": "GHSA-ghpr-6qhr-rpp8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-ghpr-6qhr-rpp8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24436", "GHSA-ghpr-6qhr-rpp8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-313z-h2v4-c3fr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124669?format=api", "vulnerability_id": "VCID-3a8p-9krx-23e8", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access affecting Confidentiality and Integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24411", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29113", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29099", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.28891", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29093", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24411" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24411", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24411" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:40Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-36hw-x3cc-m258", "reference_id": "GHSA-36hw-x3cc-m258", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-36hw-x3cc-m258" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24411", "GHSA-36hw-x3cc-m258" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3a8p-9krx-23e8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46502?format=api", "vulnerability_id": "VCID-3ydj-usv4-47fq", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39410", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.67151", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.67137", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.67045", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39410" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:47Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39410", "reference_id": "CVE-2024-39410", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39410" }, { "reference_url": "https://github.com/advisories/GHSA-4323-f82v-f6jr", "reference_id": "GHSA-4323-f82v-f6jr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4323-f82v-f6jr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39410", "GHSA-4323-f82v-f6jr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ydj-usv4-47fq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46929?format=api", "vulnerability_id": "VCID-4b5p-wqtj-7kbe", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.67045", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.67151", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.67137", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39409" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:00Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39409", "reference_id": "CVE-2024-39409", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39409" }, { "reference_url": "https://github.com/advisories/GHSA-rf4q-m23c-7q8r", "reference_id": "GHSA-rf4q-m23c-7q8r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rf4q-m23c-7q8r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39409", "GHSA-rf4q-m23c-7q8r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4b5p-wqtj-7kbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170115?format=api", "vulnerability_id": "VCID-4h6z-sxux-1fc8", "summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34257", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73957", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.74043", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.7403", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.74044", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34257" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "apsb22-38.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:02Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34257", "reference_id": "CVE-2022-34257", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34257" }, { "reference_url": "https://github.com/advisories/GHSA-rg7p-wmgj-f374", "reference_id": "GHSA-rg7p-wmgj-f374", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rg7p-wmgj-f374" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25784?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/25785?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34257", "GHSA-rg7p-wmgj-f374" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4h6z-sxux-1fc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88199?format=api", "vulnerability_id": "VCID-4nqq-nrne-17a2", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18174", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18336", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18338", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1836", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54266" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:24:32Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54266", "reference_id": "CVE-2025-54266", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54266" }, { "reference_url": "https://github.com/advisories/GHSA-pcrx-r49h-x2w5", "reference_id": "GHSA-pcrx-r49h-x2w5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pcrx-r49h-x2w5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54266", "GHSA-pcrx-r49h-x2w5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4nqq-nrne-17a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210454?format=api", "vulnerability_id": "VCID-4ujh-geum-9bbv", "summary": "Magento Unauthorized access to restricted resources", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49526", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49389", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49532", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49544", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28563" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28563", "reference_id": "CVE-2021-28563", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28563" }, { "reference_url": "https://github.com/advisories/GHSA-q9xx-4689-gvv5", "reference_id": "GHSA-q9xx-4689-gvv5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q9xx-4689-gvv5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23441?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28563", "GHSA-q9xx-4689-gvv5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ujh-geum-9bbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97922?format=api", "vulnerability_id": "VCID-53sd-5nuj-e7d9", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49557", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.49258", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.49264", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.4912", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.49276", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49557" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49557", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49557" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:12Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-8mq8-c243-2335", "reference_id": "GHSA-8mq8-c243-2335", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8mq8-c243-2335" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377756?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p15", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p15" }, { "url": "http://public2.vulnerablecode.io/api/packages/27375?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-49557", "GHSA-8mq8-c243-2335" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-53sd-5nuj-e7d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49294?format=api", "vulnerability_id": "VCID-549e-3kmc-cyfw", "summary": "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34104", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.7054", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.70537", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.70435", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.70526", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34104" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "apsb24-40.html", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:48:20Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34104", "reference_id": "CVE-2024-34104", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34104" }, { "reference_url": "https://github.com/advisories/GHSA-wwj3-573j-rvvm", "reference_id": "GHSA-wwj3-573j-rvvm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wwj3-573j-rvvm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32194?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/32193?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32195?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34104", "GHSA-wwj3-573j-rvvm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-549e-3kmc-cyfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124340?format=api", "vulnerability_id": "VCID-5edy-fp8q-97fp", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80377", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80368", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24417" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24417", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24417" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-g3j6-9753-8mp2", "reference_id": "GHSA-g3j6-9753-8mp2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g3j6-9753-8mp2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24417", "GHSA-g3j6-9753-8mp2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5edy-fp8q-97fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87661?format=api", "vulnerability_id": "VCID-6d1u-exkw-hbfu", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54236", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.72152", "scoring_system": "epss", "scoring_elements": "0.98772", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.72152", "scoring_system": "epss", "scoring_elements": "0.98779", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.72152", "scoring_system": "epss", "scoring_elements": "0.98777", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54236" }, { "reference_url": "https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54236", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54236" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-88.html", "reference_id": "apsb25-88.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-10-24T14:08:30Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-88.html" }, { "reference_url": "https://github.com/advisories/GHSA-wh92-6q6g-px7j", "reference_id": "GHSA-wh92-6q6g-px7j", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wh92-6q6g-px7j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380834?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/380578?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p2" } ], "aliases": [ "CVE-2025-54236", "GHSA-wh92-6q6g-px7j" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6d1u-exkw-hbfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40736?format=api", "vulnerability_id": "VCID-78hy-q8kh-kyh7", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79788", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79723", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79806", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82688", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45123" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:45Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45123", "reference_id": "CVE-2024-45123", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45123" }, { "reference_url": "https://github.com/advisories/GHSA-88x2-cq34-5fwc", "reference_id": "GHSA-88x2-cq34-5fwc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-88x2-cq34-5fwc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45123", "GHSA-88x2-cq34-5fwc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-78hy-q8kh-kyh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88207?format=api", "vulnerability_id": "VCID-7bmk-3ab2-9ba6", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20657", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20679", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20479", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54267" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-16T03:56:04Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54267", "reference_id": "CVE-2025-54267", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54267" }, { "reference_url": "https://github.com/advisories/GHSA-qvwr-p3hj-j6jf", "reference_id": "GHSA-qvwr-p3hj-j6jf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qvwr-p3hj-j6jf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54267", "GHSA-qvwr-p3hj-j6jf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7bmk-3ab2-9ba6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40263?format=api", "vulnerability_id": "VCID-7j68-gund-4qhp", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect confidentiality. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32503", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3232", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32523", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39531", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45132" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:03Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45132", "reference_id": "CVE-2024-45132", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45132" }, { "reference_url": "https://github.com/advisories/GHSA-5f64-ppmg-cvvm", "reference_id": "GHSA-5f64-ppmg-cvvm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5f64-ppmg-cvvm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45132", "GHSA-5f64-ppmg-cvvm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7j68-gund-4qhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210452?format=api", "vulnerability_id": "VCID-7nw6-fepu-jqg1", "summary": "Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28583", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67793", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67704", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67803", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67806", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28583" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28583", "reference_id": "CVE-2021-28583", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28583" }, { "reference_url": "https://github.com/advisories/GHSA-7gh6-f4jh-3crq", "reference_id": "GHSA-7gh6-f4jh-3crq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7gh6-f4jh-3crq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23441?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28583", "GHSA-7gh6-f4jh-3crq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7nw6-fepu-jqg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40569?format=api", "vulnerability_id": "VCID-8gwb-c3ck-37f8", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24388", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24378", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29568", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45129" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:37Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45129", "reference_id": "CVE-2024-45129", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45129" }, { "reference_url": "https://github.com/advisories/GHSA-m58h-998x-66f3", "reference_id": "GHSA-m58h-998x-66f3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m58h-998x-66f3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45129", "GHSA-m58h-998x-66f3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8gwb-c3ck-37f8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98404?format=api", "vulnerability_id": "VCID-9gb1-p5qf-3kd2", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability by manipulating the timing between the check of a resource's state and its use, allowing unauthorized write access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01616", "scoring_system": "epss", "scoring_elements": "0.82277", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01616", "scoring_system": "epss", "scoring_elements": "0.8228", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01616", "scoring_system": "epss", "scoring_elements": "0.82215", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01616", "scoring_system": "epss", "scoring_elements": "0.82286", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49558" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49558", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49558" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:13Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-wcmw-8xpp-rwfj", "reference_id": "GHSA-wcmw-8xpp-rwfj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wcmw-8xpp-rwfj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49558", "GHSA-wcmw-8xpp-rwfj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gb1-p5qf-3kd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124633?format=api", "vulnerability_id": "VCID-9gbf-swtt-7bhz", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24424", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45476", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45464", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45317", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45466", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24424" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24424", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24424" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:44Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-539v-w87w-w62c", "reference_id": "GHSA-539v-w87w-w62c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-539v-w87w-w62c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24424", "GHSA-539v-w87w-w62c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gbf-swtt-7bhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40380?format=api", "vulnerability_id": "VCID-a6gj-zm14-aqhq", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14085", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13962", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14082", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19175", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45128" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:53:58Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45128", "reference_id": "CVE-2024-45128", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45128" }, { "reference_url": "https://github.com/advisories/GHSA-qpp7-742q-58j3", "reference_id": "GHSA-qpp7-742q-58j3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qpp7-742q-58j3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45128", "GHSA-qpp7-742q-58j3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a6gj-zm14-aqhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40470?format=api", "vulnerability_id": "VCID-ax9q-y1rb-33b2", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45124", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27116", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26913", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27134", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32618", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45124" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:17Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45124", "reference_id": "CVE-2024-45124", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45124" }, { "reference_url": "https://github.com/advisories/GHSA-w3p2-pc3h-69wv", "reference_id": "GHSA-w3p2-pc3h-69wv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w3p2-pc3h-69wv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45124", "GHSA-w3p2-pc3h-69wv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ax9q-y1rb-33b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40273?format=api", "vulnerability_id": "VCID-bfp1-cndf-d7d7", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57792", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.5792", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57905", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65327", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45119" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:58:44Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45119", "reference_id": "CVE-2024-45119", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45119" }, { "reference_url": "https://github.com/advisories/GHSA-g9fm-wc6h-pvgj", "reference_id": "GHSA-g9fm-wc6h-pvgj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g9fm-wc6h-pvgj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45119", "GHSA-g9fm-wc6h-pvgj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bfp1-cndf-d7d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46971?format=api", "vulnerability_id": "VCID-bftg-2sea-57cv", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46366", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46508", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46511", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46522", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39419" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:00Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39419", "reference_id": "CVE-2024-39419", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39419" }, { "reference_url": "https://github.com/advisories/GHSA-74w7-cr4v-wf2v", "reference_id": "GHSA-74w7-cr4v-wf2v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-74w7-cr4v-wf2v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39419", "GHSA-74w7-cr4v-wf2v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bftg-2sea-57cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/117174?format=api", "vulnerability_id": "VCID-bvfd-gs5b-dyg7", "summary": "Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27190", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50533", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.5052", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50382", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50515", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27190" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27190", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27190" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html", "reference_id": "apsb25-26.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:02Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html" }, { "reference_url": "https://github.com/advisories/GHSA-6wq7-cg9h-mj6q", "reference_id": "GHSA-6wq7-cg9h-mj6q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6wq7-cg9h-mj6q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376305?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/376304?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376303?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/376302?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-27190", "GHSA-6wq7-cg9h-mj6q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvfd-gs5b-dyg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170239?format=api", "vulnerability_id": "VCID-c26k-zm91-eufg", "summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.70033", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.70031", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.69928", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.70018", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34254" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "apsb22-38.html", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:06Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34254", "reference_id": "CVE-2022-34254", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34254" }, { "reference_url": "https://github.com/advisories/GHSA-fx9g-g9q6-x3jx", "reference_id": "GHSA-fx9g-g9q6-x3jx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fx9g-g9q6-x3jx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25784?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/25785?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34254", "GHSA-fx9g-g9q6-x3jx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c26k-zm91-eufg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124816?format=api", "vulnerability_id": "VCID-ctrj-y3d6-a7dv", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44276", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44264", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44103", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44257", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24434" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24434", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24434" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:37Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-fppq-f2m6-xv5c", "reference_id": "GHSA-fppq-f2m6-xv5c", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fppq-f2m6-xv5c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24434", "GHSA-fppq-f2m6-xv5c" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ctrj-y3d6-a7dv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124822?format=api", "vulnerability_id": "VCID-cyy2-3rr3-jkc8", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to read select data. Exploitation of this issue does not require user interaction", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3555", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35556", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35373", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35573", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24421" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24421", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24421" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:01Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-v6r2-425c-hfrr", "reference_id": "GHSA-v6r2-425c-hfrr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v6r2-425c-hfrr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24421", "GHSA-v6r2-425c-hfrr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cyy2-3rr3-jkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170151?format=api", "vulnerability_id": "VCID-cz7e-3kqn-gqfm", "summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker with a low privilege account could leverage this vulnerability to perform an account takeover for a victim. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.67014", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.67028", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66922", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34255" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "apsb22-38.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:06:09Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34255", "reference_id": "CVE-2022-34255", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34255" }, { "reference_url": "https://github.com/advisories/GHSA-x95x-f4g9-mm85", "reference_id": "GHSA-x95x-f4g9-mm85", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x95x-f4g9-mm85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25784?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/25785?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34255", "GHSA-x95x-f4g9-mm85" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cz7e-3kqn-gqfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124768?format=api", "vulnerability_id": "VCID-d9zc-rh9p-4bde", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass allowing read only access. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39865", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39878", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39695", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39889", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24429" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24429", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24429" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-656q-fx2w-8ccv", "reference_id": "GHSA-656q-fx2w-8ccv", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-656q-fx2w-8ccv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24429", "GHSA-656q-fx2w-8ccv" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d9zc-rh9p-4bde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40181?format=api", "vulnerability_id": "VCID-dktm-v3jw-f7de", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22698", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22503", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2271", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27531", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45120" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:07Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45120", "reference_id": "CVE-2024-45120", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45120" }, { "reference_url": "https://github.com/advisories/GHSA-47jp-46c9-25vf", "reference_id": "GHSA-47jp-46c9-25vf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-47jp-46c9-25vf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45120", "GHSA-47jp-46c9-25vf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dktm-v3jw-f7de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46517?format=api", "vulnerability_id": "VCID-dsy7-gm7v-tqc8", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54261", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54388", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54386", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54403", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39415" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:13:06Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39415", "reference_id": "CVE-2024-39415", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39415" }, { "reference_url": "https://github.com/advisories/GHSA-gj93-84g5-mcjq", "reference_id": "GHSA-gj93-84g5-mcjq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gj93-84g5-mcjq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39415", "GHSA-gj93-84g5-mcjq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dsy7-gm7v-tqc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124253?format=api", "vulnerability_id": "VCID-dytj-h56v-bke9", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to modify limited fields. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40682", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40668", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40491", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40659", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24435" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24435", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24435" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:16Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-82p4-55gj-956p", "reference_id": "GHSA-82p4-55gj-956p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-82p4-55gj-956p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24435", "GHSA-82p4-55gj-956p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dytj-h56v-bke9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40291?format=api", "vulnerability_id": "VCID-e2t8-b5yy-zkhn", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34623", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34446", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34647", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41525", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45135" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:00:24Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45135", "reference_id": "CVE-2024-45135", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45135" }, { "reference_url": "https://github.com/advisories/GHSA-8pxg-gcp4-57ww", "reference_id": "GHSA-8pxg-gcp4-57ww", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8pxg-gcp4-57ww" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45135", "GHSA-8pxg-gcp4-57ww" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2t8-b5yy-zkhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49909?format=api", "vulnerability_id": "VCID-eban-ja9z-f7ep", "summary": "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to gain unauthorized access or perform actions with the privileges of another user. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.71516", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.71514", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.71417", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.71504", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34106" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "apsb24-40.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:21:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34106", "reference_id": "CVE-2024-34106", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34106" }, { "reference_url": "https://github.com/advisories/GHSA-p6h9-gx5g-wg64", "reference_id": "GHSA-p6h9-gx5g-wg64", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p6h9-gx5g-wg64" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32194?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/32193?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32195?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34106", "GHSA-p6h9-gx5g-wg64" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eban-ja9z-f7ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124732?format=api", "vulnerability_id": "VCID-esjc-zzqy-nycf", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00377", "scoring_system": "epss", "scoring_elements": "0.5984", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00377", "scoring_system": "epss", "scoring_elements": "0.59831", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00377", "scoring_system": "epss", "scoring_elements": "0.5972", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00377", "scoring_system": "epss", "scoring_elements": "0.59828", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24408" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24408", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24408" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:13Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-3cfg-w257-cgf8", "reference_id": "GHSA-3cfg-w257-cgf8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3cfg-w257-cgf8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24408", "GHSA-3cfg-w257-cgf8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-esjc-zzqy-nycf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88335?format=api", "vulnerability_id": "VCID-eusf-bc81-9uhv", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25914", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26115", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2613", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26114", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54263" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54263", "reference_id": "CVE-2025-54263", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54263" }, { "reference_url": "https://github.com/advisories/GHSA-69x9-xp2j-w8g8", "reference_id": "GHSA-69x9-xp2j-w8g8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-69x9-xp2j-w8g8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54263", "GHSA-69x9-xp2j-w8g8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eusf-bc81-9uhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124891?format=api", "vulnerability_id": "VCID-ferd-u8gt-akds", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46829", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46824", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46685", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46843", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24406" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24406", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24406" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:36Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-954p-ff72-327w", "reference_id": "GHSA-954p-ff72-327w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-954p-ff72-327w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24406", "GHSA-954p-ff72-327w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ferd-u8gt-akds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97905?format=api", "vulnerability_id": "VCID-fqkf-67fw-cyb8", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.8513", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.85122", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.85068", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.85121", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49559" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49559", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49559" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:14Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-h4f4-gv6h-x824", "reference_id": "GHSA-h4f4-gv6h-x824", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h4f4-gv6h-x824" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49559", "GHSA-h4f4-gv6h-x824" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqkf-67fw-cyb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49820?format=api", "vulnerability_id": "VCID-frhp-vgpt-g7am", "summary": "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the application. Exploitation of this issue does not require user interaction, but attack complexity is high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.83355", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.8336", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.83294", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.83363", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34103" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "apsb24-40.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34103", "reference_id": "CVE-2024-34103", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34103" }, { "reference_url": "https://github.com/advisories/GHSA-f7q4-9gwv-6774", "reference_id": "GHSA-f7q4-9gwv-6774", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f7q4-9gwv-6774" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32194?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/32193?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32195?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34103", "GHSA-f7q4-9gwv-6774" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-frhp-vgpt-g7am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170176?format=api", "vulnerability_id": "VCID-fs2p-2pcw-pkbg", "summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker with admin privileges to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34258", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16184", "scoring_system": "epss", "scoring_elements": "0.94979", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.16184", "scoring_system": "epss", "scoring_elements": "0.94981", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.16184", "scoring_system": "epss", "scoring_elements": "0.94959", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.16184", "scoring_system": "epss", "scoring_elements": "0.94976", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34258" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "apsb22-38.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34258", "reference_id": "CVE-2022-34258", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34258" }, { "reference_url": "https://github.com/advisories/GHSA-5m55-g8pv-x8ww", "reference_id": "GHSA-5m55-g8pv-x8ww", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5m55-g8pv-x8ww" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25784?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/25785?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34258", "GHSA-5m55-g8pv-x8ww" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fs2p-2pcw-pkbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124047?format=api", "vulnerability_id": "VCID-gac9-1nnp-67cc", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing rate limiting mechanisms. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24432", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27912", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27902", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27686", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27887", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24432" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24432", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24432" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:09:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-7jmr-43qj-pw47", "reference_id": "GHSA-7jmr-43qj-pw47", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7jmr-43qj-pw47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24432", "GHSA-7jmr-43qj-pw47" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gac9-1nnp-67cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98222?format=api", "vulnerability_id": "VCID-gakd-m2af-z7c2", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.65051", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.6506", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64951", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.65062", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49550" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49550", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49550" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:07:51Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-8hcx-xvww-6c6h", "reference_id": "GHSA-8hcx-xvww-6c6h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8hcx-xvww-6c6h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-49550", "GHSA-8hcx-xvww-6c6h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gakd-m2af-z7c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40168?format=api", "vulnerability_id": "VCID-ggtj-fbzy-87fx", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30682", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30485", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30701", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37192", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45122" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:59:49Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45122", "reference_id": "CVE-2024-45122", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45122" }, { "reference_url": "https://github.com/advisories/GHSA-46fm-x82m-5f74", "reference_id": "GHSA-46fm-x82m-5f74", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-46fm-x82m-5f74" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45122", "GHSA-46fm-x82m-5f74" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ggtj-fbzy-87fx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98053?format=api", "vulnerability_id": "VCID-gx3s-7cxk-pyfc", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction, and scope is unchanged.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.77994", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.78002", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.77927", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.78008", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49556" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49556", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49556" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:25Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-7hrj-3c9x-xv5h", "reference_id": "GHSA-7hrj-3c9x-xv5h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7hrj-3c9x-xv5h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49556", "GHSA-7hrj-3c9x-xv5h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gx3s-7cxk-pyfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124171?format=api", "vulnerability_id": "VCID-gzga-qjaf-kugh", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77716", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77722", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77648", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.7773", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24428" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24428", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24428" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-mm87-rrqx-94cr", "reference_id": "GHSA-mm87-rrqx-94cr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mm87-rrqx-94cr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24428", "GHSA-mm87-rrqx-94cr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gzga-qjaf-kugh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87827?format=api", "vulnerability_id": "VCID-h2ju-dedu-fqad", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54265", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29491", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.2969", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29706", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29688", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54265" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:35:42Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54265", "reference_id": "CVE-2025-54265", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54265" }, { "reference_url": "https://github.com/advisories/GHSA-r355-75hw-r8jf", "reference_id": "GHSA-r355-75hw-r8jf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r355-75hw-r8jf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54265", "GHSA-r355-75hw-r8jf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h2ju-dedu-fqad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170194?format=api", "vulnerability_id": "VCID-hex3-vh93-53em", "summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34256", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61677", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.6178", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61778", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61786", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34256" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "apsb22-38.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:22Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34256", "reference_id": "CVE-2022-34256", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34256" }, { "reference_url": "https://github.com/advisories/GHSA-r7mm-grf3-5fjv", "reference_id": "GHSA-r7mm-grf3-5fjv", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r7mm-grf3-5fjv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25784?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/25785?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34256", "GHSA-r7mm-grf3-5fjv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hex3-vh93-53em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210453?format=api", "vulnerability_id": "VCID-hg41-tf2t-4yew", "summary": "Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23863", "scoring_system": "epss", "scoring_elements": "0.96152", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.23863", "scoring_system": "epss", "scoring_elements": "0.96141", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.23863", "scoring_system": "epss", "scoring_elements": "0.96156", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.23863", "scoring_system": "epss", "scoring_elements": "0.96154", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28556" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28556", "reference_id": "CVE-2021-28556", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28556" }, { "reference_url": "https://github.com/advisories/GHSA-39ch-rg26-gmq5", "reference_id": "GHSA-39ch-rg26-gmq5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-39ch-rg26-gmq5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23441?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28556", "GHSA-39ch-rg26-gmq5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hg41-tf2t-4yew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210313?format=api", "vulnerability_id": "VCID-huy7-57jw-z3bp", "summary": "Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21027", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.59143", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.59031", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.59145", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.59154", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21027" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21027", "reference_id": "CVE-2021-21027", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21027" }, { "reference_url": "https://github.com/advisories/GHSA-h4xc-577p-hgj9", "reference_id": "GHSA-h4xc-577p-hgj9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h4xc-577p-hgj9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22774?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21027", "GHSA-h4xc-577p-hgj9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-huy7-57jw-z3bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46560?format=api", "vulnerability_id": "VCID-j9e4-4xta-6qc5", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55433", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55556", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55553", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55568", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39414" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:42Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39414", "reference_id": "CVE-2024-39414", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39414" }, { "reference_url": "https://github.com/advisories/GHSA-x6f9-hv9r-fgq4", "reference_id": "GHSA-x6f9-hv9r-fgq4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x6f9-hv9r-fgq4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39414", "GHSA-x6f9-hv9r-fgq4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j9e4-4xta-6qc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/117136?format=api", "vulnerability_id": "VCID-jc6r-vmnc-r3g9", "summary": "Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36523", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36511", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36317", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36497", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27188" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27188", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27188" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html", "reference_id": "apsb25-26.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:30Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html" }, { "reference_url": "https://github.com/advisories/GHSA-rr2g-rrjj-xw86", "reference_id": "GHSA-rr2g-rrjj-xw86", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rr2g-rrjj-xw86" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376305?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/376304?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376303?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/376302?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/34325?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8" } ], "aliases": [ "CVE-2025-27188", "GHSA-rr2g-rrjj-xw86" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jc6r-vmnc-r3g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46412?format=api", "vulnerability_id": "VCID-jeur-3jww-dqee", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and perform a minor integrity change. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50751", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50755", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50617", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50768", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39412" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:56Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39412", "reference_id": "CVE-2024-39412", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39412" }, { "reference_url": "https://github.com/advisories/GHSA-7472-vw39-g2j3", "reference_id": "GHSA-7472-vw39-g2j3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7472-vw39-g2j3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39412", "GHSA-7472-vw39-g2j3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jeur-3jww-dqee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49778?format=api", "vulnerability_id": "VCID-kf6b-mshs-23fa", "summary": "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and view minor unauthorised information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.7321", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.73208", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.73117", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.73195", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34107" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "apsb24-40.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:30:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34107", "reference_id": "CVE-2024-34107", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34107" }, { "reference_url": "https://github.com/advisories/GHSA-r7cm-g469-wm4g", "reference_id": "GHSA-r7cm-g469-wm4g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r7cm-g469-wm4g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32194?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/32193?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32195?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34107", "GHSA-r7cm-g469-wm4g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kf6b-mshs-23fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40170?format=api", "vulnerability_id": "VCID-kfct-k5af-n7fu", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin attacker can trick a user into clicking a specially crafted link or submitting a form, malicious scripts may be executed within the context of the victim's browser and have high impact on confidentiality and integrity. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83391", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.8333", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.834", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0247", "scoring_system": "epss", "scoring_elements": "0.85647", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45116" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-10T13:56:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45116", "reference_id": "CVE-2024-45116", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45116" }, { "reference_url": "https://github.com/advisories/GHSA-873m-72g6-853g", "reference_id": "GHSA-873m-72g6-853g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-873m-72g6-853g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45116", "GHSA-873m-72g6-853g" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfct-k5af-n7fu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124493?format=api", "vulnerability_id": "VCID-kjc9-vrhf-hfav", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40682", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40668", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40491", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40659", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24427" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24427", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24427" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:04Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-v3hq-g424-5mgg", "reference_id": "GHSA-v3hq-g424-5mgg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v3hq-g424-5mgg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24427", "GHSA-v3hq-g424-5mgg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjc9-vrhf-hfav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97819?format=api", "vulnerability_id": "VCID-ktnj-j4xu-uufs", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege escalation. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated, potentially allowing unauthorized access or modification of sensitive data. Exploitation of this issue requires user interaction in that a victim must visit a malicious website or click on a crafted link. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49555", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59265", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59149", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59261", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59273", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49555" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49555", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49555" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-5777-jj7p-mpqw", "reference_id": "GHSA-5777-jj7p-mpqw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5777-jj7p-mpqw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49555", "GHSA-5777-jj7p-mpqw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ktnj-j4xu-uufs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/116898?format=api", "vulnerability_id": "VCID-kxjv-xm7r-hkhs", "summary": "Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27191", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50533", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.5052", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50382", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50515", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27191" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27191", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27191" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html", "reference_id": "apsb25-26.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:08Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html" }, { "reference_url": "https://github.com/advisories/GHSA-vhcq-4xrm-2cr2", "reference_id": "GHSA-vhcq-4xrm-2cr2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vhcq-4xrm-2cr2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376305?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/376304?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376303?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/376302?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-27191", "GHSA-vhcq-4xrm-2cr2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kxjv-xm7r-hkhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40233?format=api", "vulnerability_id": "VCID-mccb-abc5-9yfs", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45118", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25049", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24849", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25066", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30306", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45118" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:45:03Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45118", "reference_id": "CVE-2024-45118", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45118" }, { "reference_url": "https://github.com/advisories/GHSA-cg52-68fv-94qq", "reference_id": "GHSA-cg52-68fv-94qq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cg52-68fv-94qq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45118", "GHSA-cg52-68fv-94qq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mccb-abc5-9yfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210224?format=api", "vulnerability_id": "VCID-mtu1-7ww6-vucq", "summary": "Magento 2 Community Edition Incorrect Authorization", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5227", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.5214", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52263", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52281", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24401" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24401", "reference_id": "CVE-2020-24401", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24401" }, { "reference_url": "https://github.com/advisories/GHSA-f2g3-3c6q-4478", "reference_id": "GHSA-f2g3-3c6q-4478", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f2g3-3c6q-4478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22493?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24401", "GHSA-f2g3-3c6q-4478" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mtu1-7ww6-vucq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210225?format=api", "vulnerability_id": "VCID-n4vb-dqt3-g3ff", "summary": "Magento incorrect user permissions vulnerability within the Inventory component", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24403", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41014", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40848", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41024", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41036", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24403" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24403", "reference_id": "CVE-2020-24403", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24403" }, { "reference_url": "https://github.com/advisories/GHSA-39rw-4m66-82gf", "reference_id": "GHSA-39rw-4m66-82gf", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-39rw-4m66-82gf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22493?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24403", "GHSA-39rw-4m66-82gf" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n4vb-dqt3-g3ff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40506?format=api", "vulnerability_id": "VCID-ngx2-ewzf-xbd4", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49812", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49675", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49831", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.58204", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45117" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45117", "reference_id": "CVE-2024-45117", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45117" }, { "reference_url": "https://github.com/advisories/GHSA-3fr3-gcqh-3m2g", "reference_id": "GHSA-3fr3-gcqh-3m2g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3fr3-gcqh-3m2g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45117", "GHSA-3fr3-gcqh-3m2g" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngx2-ewzf-xbd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124632?format=api", "vulnerability_id": "VCID-ntst-nee5-63d3", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24410", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01784", "scoring_system": "epss", "scoring_elements": "0.83207", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01784", "scoring_system": "epss", "scoring_elements": "0.83202", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01784", "scoring_system": "epss", "scoring_elements": "0.83137", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01784", "scoring_system": "epss", "scoring_elements": "0.83198", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24410" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24410", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24410" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:38Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-gjxp-46rq-wg4q", "reference_id": "GHSA-gjxp-46rq-wg4q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gjxp-46rq-wg4q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24410", "GHSA-gjxp-46rq-wg4q" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntst-nee5-63d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211472?format=api", "vulnerability_id": "VCID-p7w3-uwrr-w3gv", "summary": "Magento Improper input validation vulnerability", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40053", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39861", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40031", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40043", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42344" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42344", "reference_id": "CVE-2022-42344", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42344" }, { "reference_url": "https://github.com/advisories/GHSA-297f-r9w7-w492", "reference_id": "GHSA-297f-r9w7-w492", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-297f-r9w7-w492" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/23707?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-eygz-u15g-mkgq" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25785?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-42344", "GHSA-297f-r9w7-w492" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p7w3-uwrr-w3gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40624?format=api", "vulnerability_id": "VCID-pb4n-m8cv-9bb7", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45125", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21237", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21432", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21419", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2624", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45125" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:06:28Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45125", "reference_id": "CVE-2024-45125", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45125" }, { "reference_url": "https://github.com/advisories/GHSA-xg36-8c2v-jpxh", "reference_id": "GHSA-xg36-8c2v-jpxh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xg36-8c2v-jpxh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45125", "GHSA-xg36-8c2v-jpxh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pb4n-m8cv-9bb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87743?format=api", "vulnerability_id": "VCID-pcm6-819d-6uhm", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.44038", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.44198", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.44191", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.4421", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54264" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:28Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54264", "reference_id": "CVE-2025-54264", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54264" }, { "reference_url": "https://github.com/advisories/GHSA-2768-5wmv-cfff", "reference_id": "GHSA-2768-5wmv-cfff", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2768-5wmv-cfff" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54264", "GHSA-2768-5wmv-cfff" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pcm6-819d-6uhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124042?format=api", "vulnerability_id": "VCID-pfvk-8q6r-e7c5", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain elevated privileges. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35907", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35894", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35704", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35884", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24437" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24437", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24437" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:35Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-469f-wf4f-3jjv", "reference_id": "GHSA-469f-wf4f-3jjv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-469f-wf4f-3jjv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24437", "GHSA-469f-wf4f-3jjv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pfvk-8q6r-e7c5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170113?format=api", "vulnerability_id": "VCID-pna2-wk6m-e3gu", "summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34259", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46148", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.4629", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46293", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46304", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34259" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "apsb22-38.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:18Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34259", "reference_id": "CVE-2022-34259", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34259" }, { "reference_url": "https://github.com/advisories/GHSA-9wjf-94h3-r4rh", "reference_id": "GHSA-9wjf-94h3-r4rh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9wjf-94h3-r4rh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25784?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/25785?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34259", "GHSA-9wjf-94h3-r4rh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pna2-wk6m-e3gu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124216?format=api", "vulnerability_id": "VCID-psnm-zaza-tuf9", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80377", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80368", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24414" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24414", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24414" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:45Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-fhw6-3mj5-w9gv", "reference_id": "GHSA-fhw6-3mj5-w9gv", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fhw6-3mj5-w9gv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24414", "GHSA-fhw6-3mj5-w9gv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psnm-zaza-tuf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124011?format=api", "vulnerability_id": "VCID-pu8a-r3v2-g7h9", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24416", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80377", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80368", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24416" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24416", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24416" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:48Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-rjjw-g6hw-7pc9", "reference_id": "GHSA-rjjw-g6hw-7pc9", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rjjw-g6hw-7pc9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24416", "GHSA-rjjw-g6hw-7pc9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pu8a-r3v2-g7h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/173405?format=api", "vulnerability_id": "VCID-pwax-36m7-2kby", "summary": "Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24086", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93696", "scoring_system": "epss", "scoring_elements": "0.9986", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.93696", "scoring_system": "epss", "scoring_elements": "0.99859", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24086" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24086", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24086" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-12.html", "reference_id": "apsb22-12.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-02-27T18:35:53Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-12.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24086", "reference_id": "CVE-2022-24086", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24086" }, { "reference_url": "https://github.com/advisories/GHSA-f8fv-f786-9933", "reference_id": "GHSA-f8fv-f786-9933", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f8fv-f786-9933" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19435?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/23707?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-eygz-u15g-mkgq" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3" } ], "aliases": [ "CVE-2022-24086", "GHSA-f8fv-f786-9933" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pwax-36m7-2kby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/116851?format=api", "vulnerability_id": "VCID-q68u-w433-tqb9", "summary": "Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass. A high privileged attacker could exploit this vulnerability to gain unauthorized access to protected resources by obtaining sensitive credential information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28281", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28067", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28266", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.2829", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27192" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27192", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27192" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html", "reference_id": "apsb25-26.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:23Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html" }, { "reference_url": "https://github.com/advisories/GHSA-2r94-wm5v-4prx", "reference_id": "GHSA-2r94-wm5v-4prx", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2r94-wm5v-4prx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376305?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/376304?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376303?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/376302?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-27192", "GHSA-2r94-wm5v-4prx" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q68u-w433-tqb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124648?format=api", "vulnerability_id": "VCID-qh9p-8b9r-mufh", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80377", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80368", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24412" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24412", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24412" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:41Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-m4rg-mpp2-97px", "reference_id": "GHSA-m4rg-mpp2-97px", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m4rg-mpp2-97px" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24412", "GHSA-m4rg-mpp2-97px" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qh9p-8b9r-mufh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210227?format=api", "vulnerability_id": "VCID-qhah-73w3-sqbp", "summary": "Magento 2 Community Edition RCE via Unsafe File Upload", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03057", "scoring_system": "epss", "scoring_elements": "0.87046", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03057", "scoring_system": "epss", "scoring_elements": "0.87001", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03057", "scoring_system": "epss", "scoring_elements": "0.87051", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.03057", "scoring_system": "epss", "scoring_elements": "0.87055", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24407" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24407", "reference_id": "CVE-2020-24407", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24407" }, { "reference_url": "https://github.com/advisories/GHSA-7pxg-6p87-8c9v", "reference_id": "GHSA-7pxg-6p87-8c9v", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7pxg-6p87-8c9v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22493?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24407", "GHSA-7pxg-6p87-8c9v" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qhah-73w3-sqbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46855?format=api", "vulnerability_id": "VCID-qnpc-4r4b-3uhx", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54261", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54388", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54386", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54403", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39417" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:31Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39417", "reference_id": "CVE-2024-39417", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39417" }, { "reference_url": "https://github.com/advisories/GHSA-4xmj-f664-hv98", "reference_id": "GHSA-4xmj-f664-hv98", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4xmj-f664-hv98" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39417", "GHSA-4xmj-f664-hv98" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qnpc-4r4b-3uhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210226?format=api", "vulnerability_id": "VCID-qs5t-4dc4-xyed", "summary": "Magento incorrect permissions vulnerability in the Integrations component", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41014", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40848", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41024", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41036", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24402" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24402", "reference_id": "CVE-2020-24402", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24402" }, { "reference_url": "https://github.com/advisories/GHSA-hvf5-4jr9-fghh", "reference_id": "GHSA-hvf5-4jr9-fghh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hvf5-4jr9-fghh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22493?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24402", "GHSA-hvf5-4jr9-fghh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qs5t-4dc4-xyed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210538?format=api", "vulnerability_id": "VCID-qvq2-tfke-w7g8", "summary": "Magento Improper Authorization vulnerability in the customers module", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27947", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27747", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27963", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27973", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28567" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28567", "reference_id": "CVE-2021-28567", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28567" }, { "reference_url": "https://github.com/advisories/GHSA-cc3w-r3w8-hfh7", "reference_id": "GHSA-cc3w-r3w8-hfh7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cc3w-r3w8-hfh7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23441?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28567", "GHSA-cc3w-r3w8-hfh7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qvq2-tfke-w7g8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124166?format=api", "vulnerability_id": "VCID-rm7u-jwat-v7f1", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both a High impact to confidentiality and Low impact to integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35006", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34985", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34804", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34983", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24409" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24409", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24409" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:11:11Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-vw47-79jv-3598", "reference_id": "GHSA-vw47-79jv-3598", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vw47-79jv-3598" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24409", "GHSA-vw47-79jv-3598" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rm7u-jwat-v7f1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40833?format=api", "vulnerability_id": "VCID-rw4d-b9yt-mbhz", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01887", "scoring_system": "epss", "scoring_elements": "0.83639", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01887", "scoring_system": "epss", "scoring_elements": "0.83646", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01887", "scoring_system": "epss", "scoring_elements": "0.8358", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01887", "scoring_system": "epss", "scoring_elements": "0.83649", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45127" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:55Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45127", "reference_id": "CVE-2024-45127", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45127" }, { "reference_url": "https://github.com/advisories/GHSA-c89g-gq5r-2xw2", "reference_id": "GHSA-c89g-gq5r-2xw2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c89g-gq5r-2xw2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45127", "GHSA-c89g-gq5r-2xw2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rw4d-b9yt-mbhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40770?format=api", "vulnerability_id": "VCID-s45p-jru3-w3df", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28838", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28638", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28863", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35094", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45133" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:05Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45133", "reference_id": "CVE-2024-45133", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45133" }, { "reference_url": "https://github.com/advisories/GHSA-j3mh-wx5f-2vhg", "reference_id": "GHSA-j3mh-wx5f-2vhg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j3mh-wx5f-2vhg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45133", "GHSA-j3mh-wx5f-2vhg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s45p-jru3-w3df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46443?format=api", "vulnerability_id": "VCID-s7t9-h2jx-9bgr", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39416", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55433", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55556", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55553", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55568", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39416" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:27Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39416", "reference_id": "CVE-2024-39416", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39416" }, { "reference_url": "https://github.com/advisories/GHSA-4xgg-rw35-7mv5", "reference_id": "GHSA-4xgg-rw35-7mv5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4xgg-rw35-7mv5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39416", "GHSA-4xgg-rw35-7mv5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s7t9-h2jx-9bgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210312?format=api", "vulnerability_id": "VCID-st4g-zp7x-u3ba", "summary": "Magento improper authorization vulnerability in the integrations module", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.72143", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.72058", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.7215", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.72155", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21026" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21026", "reference_id": "CVE-2021-21026", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21026" }, { "reference_url": "https://github.com/advisories/GHSA-crjc-2v9m-8w7r", "reference_id": "GHSA-crjc-2v9m-8w7r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-crjc-2v9m-8w7r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22774?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21026", "GHSA-crjc-2v9m-8w7r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-st4g-zp7x-u3ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124016?format=api", "vulnerability_id": "VCID-t4gd-uv9g-ukh5", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48199", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48183", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48044", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48182", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24425" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24425", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24425" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:39Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-6ff8-jrfg-43hh", "reference_id": "GHSA-6ff8-jrfg-43hh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6ff8-jrfg-43hh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24425", "GHSA-6ff8-jrfg-43hh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4gd-uv9g-ukh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40636?format=api", "vulnerability_id": "VCID-twda-bvut-9bhp", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45134", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30641", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30857", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3084", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37387", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45134" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:23Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45134", "reference_id": "CVE-2024-45134", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45134" }, { "reference_url": "https://github.com/advisories/GHSA-4f89-5cwm-rm5g", "reference_id": "GHSA-4f89-5cwm-rm5g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4f89-5cwm-rm5g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45134", "GHSA-4f89-5cwm-rm5g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twda-bvut-9bhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97813?format=api", "vulnerability_id": "VCID-twdq-g82m-nqcp", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49554", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77538", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77544", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77469", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77553", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49554" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49554", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49554" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:27Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-xgfm-992v-h2hr", "reference_id": "GHSA-xgfm-992v-h2hr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xgfm-992v-h2hr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49554", "GHSA-xgfm-992v-h2hr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twdq-g82m-nqcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46640?format=api", "vulnerability_id": "VCID-u52p-wrjp-quhk", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changeson behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.67045", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.67151", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00515", "scoring_system": "epss", "scoring_elements": "0.67137", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39408" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:17Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39408", "reference_id": "CVE-2024-39408", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39408" }, { "reference_url": "https://github.com/advisories/GHSA-4cj6-f32v-6hgx", "reference_id": "GHSA-4cj6-f32v-6hgx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4cj6-f32v-6hgx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39408", "GHSA-4cj6-f32v-6hgx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u52p-wrjp-quhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124757?format=api", "vulnerability_id": "VCID-u9vz-axk1-fqfn", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80377", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80368", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24415" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24415", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24415" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:47Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-gc27-rvvm-q77r", "reference_id": "GHSA-gc27-rvvm-q77r", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gc27-rvvm-q77r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24415", "GHSA-gc27-rvvm-q77r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9vz-axk1-fqfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210539?format=api", "vulnerability_id": "VCID-uyhy-7kvj-8be1", "summary": "Magento Information Disclosure vulnerability", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.73226", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.73149", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7324", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.73241", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566", "reference_id": "CVE-2021-28566", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566" }, { "reference_url": "https://github.com/advisories/GHSA-w942-fw92-mqm2", "reference_id": "GHSA-w942-fw92-mqm2", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w942-fw92-mqm2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23441?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/23707?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-eygz-u15g-mkgq" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3" } ], "aliases": [ "CVE-2021-28566", "GHSA-w942-fw92-mqm2" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uyhy-7kvj-8be1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40166?format=api", "vulnerability_id": "VCID-vgz6-nvj3-xqft", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality and integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32565", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32384", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32585", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39602", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45131" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:38Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45131", "reference_id": "CVE-2024-45131", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45131" }, { "reference_url": "https://github.com/advisories/GHSA-xc5p-773w-m3pm", "reference_id": "GHSA-xc5p-773w-m3pm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xc5p-773w-m3pm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45131", "GHSA-xc5p-773w-m3pm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgz6-nvj3-xqft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210451?format=api", "vulnerability_id": "VCID-w54j-vx36-3qhs", "summary": "Magento Path Traversal vulnerability", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28584", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69317", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69225", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69323", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.69329", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28584" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28584", "reference_id": "CVE-2021-28584", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28584" }, { "reference_url": "https://github.com/advisories/GHSA-7gpv-xrjr-f5h4", "reference_id": "GHSA-7gpv-xrjr-f5h4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7gpv-xrjr-f5h4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/23441?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28584", "GHSA-7gpv-xrjr-f5h4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w54j-vx36-3qhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46579?format=api", "vulnerability_id": "VCID-wfdz-b6c4-quhq", "summary": "Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39411", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54261", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54388", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54386", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00306", "scoring_system": "epss", "scoring_elements": "0.54403", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39411" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html", "reference_id": "apsb24-61.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:14Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-61.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39411", "reference_id": "CVE-2024-39411", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39411" }, { "reference_url": "https://github.com/advisories/GHSA-qm77-mqf3-fmhq", "reference_id": "GHSA-qm77-mqf3-fmhq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qm77-mqf3-fmhq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32999?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/32998?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/33000?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/33001?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2" } ], "aliases": [ "CVE-2024-39411", "GHSA-qm77-mqf3-fmhq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wfdz-b6c4-quhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170224?format=api", "vulnerability_id": "VCID-wsu4-ubj1-rfea", "summary": "Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34253", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.37194", "scoring_system": "epss", "scoring_elements": "0.97277", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.37194", "scoring_system": "epss", "scoring_elements": "0.97279", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.37194", "scoring_system": "epss", "scoring_elements": "0.97269", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.37194", "scoring_system": "epss", "scoring_elements": "0.97276", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34253" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "apsb22-38.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:06:06Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34253", "reference_id": "CVE-2022-34253", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34253" }, { "reference_url": "https://github.com/advisories/GHSA-cj7w-pm77-hvg6", "reference_id": "GHSA-cj7w-pm77-hvg6", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cj7w-pm77-hvg6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/25784?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-ebf6-hmqh-77ae" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/25785?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3w11-7use-6kfv" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-faxs-pnwr-8udn" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34253", "GHSA-cj7w-pm77-hvg6" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wsu4-ubj1-rfea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124857?format=api", "vulnerability_id": "VCID-wxkj-7zgv-x7bc", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing rate limiting mechanisms. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24430", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27887", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27902", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27686", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27912", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24430" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24430", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24430" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:47Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-6w27-c66f-gvhq", "reference_id": "GHSA-6w27-c66f-gvhq", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6w27-c66f-gvhq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24430", "GHSA-6w27-c66f-gvhq" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wxkj-7zgv-x7bc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210307?format=api", "vulnerability_id": "VCID-x8wc-8zj4-1qgx", "summary": "Magento OS command injection via the WebAPI", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04449", "scoring_system": "epss", "scoring_elements": "0.89343", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04449", "scoring_system": "epss", "scoring_elements": "0.89306", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04449", "scoring_system": "epss", "scoring_elements": "0.8935", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.04449", "scoring_system": "epss", "scoring_elements": "0.89351", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21016" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21016", "reference_id": "CVE-2021-21016", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21016" }, { "reference_url": "https://github.com/advisories/GHSA-792f-c8mp-2cr5", "reference_id": "GHSA-792f-c8mp-2cr5", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-792f-c8mp-2cr5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22774?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21016", "GHSA-792f-c8mp-2cr5" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8wc-8zj4-1qgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/117249?format=api", "vulnerability_id": "VCID-xgh4-b9yn-dkh4", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72686", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72683", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72594", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72671", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27206" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27206", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27206" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T18:08:33Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-g2pj-xmxq-3r9q", "reference_id": "GHSA-g2pj-xmxq-3r9q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g2pj-xmxq-3r9q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-27206", "GHSA-g2pj-xmxq-3r9q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgh4-b9yn-dkh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49335?format=api", "vulnerability_id": "VCID-xgk2-yecx-q3ff", "summary": "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94171", "scoring_system": "epss", "scoring_elements": "0.99921", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.94171", "scoring_system": "epss", "scoring_elements": "0.9992", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34102" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "apsb24-40.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102", "reference_id": "cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/" } ], "url": "https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34102", "reference_id": "CVE-2024-34102", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34102" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml", "reference_id": "CVE-2024-34102.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-m8cj-3v68-3cxj", "reference_id": "GHSA-m8cj-3v68-3cxj", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m8cj-3v68-3cxj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32194?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/32193?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32195?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34102", "GHSA-m8cj-3v68-3cxj" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgk2-yecx-q3ff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88657?format=api", "vulnerability_id": "VCID-xjd4-w9bn-mbex", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access leading to a limited impact to confidentiality and a high impact to integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69786", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69797", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69695", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.698", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43585" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43585", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43585" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T17:23:05Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-r487-9vv5-75gg", "reference_id": "GHSA-r487-9vv5-75gg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r487-9vv5-75gg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-43585", "GHSA-r487-9vv5-75gg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xjd4-w9bn-mbex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97932?format=api", "vulnerability_id": "VCID-xqc4-jf6e-abfg", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.67108", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.67016", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.67121", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49549" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49549", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49549" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:12:28Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-85jx-x9r4-45m2", "reference_id": "GHSA-85jx-x9r4-45m2", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-85jx-x9r4-45m2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-49549", "GHSA-85jx-x9r4-45m2" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xqc4-jf6e-abfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/119460?format=api", "vulnerability_id": "VCID-z97t-ffda-vfes", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Scope is changed to that of other high-privileged accounts, leading to a high impact on confidentiality, integrity, and availability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72772", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72682", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72759", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72774", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47110" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47110", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47110" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-10T18:09:25Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-j934-vjh5-vf9r", "reference_id": "GHSA-j934-vjh5-vf9r", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j934-vjh5-vf9r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/378782?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-47110", "GHSA-j934-vjh5-vf9r" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z97t-ffda-vfes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124512?format=api", "vulnerability_id": "VCID-za87-d5x9-wuby", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24413", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80377", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80368", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24413" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24413", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24413" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:44Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-xwgx-8v72-4j5j", "reference_id": "GHSA-xwgx-8v72-4j5j", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xwgx-8v72-4j5j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24413", "GHSA-xwgx-8v72-4j5j" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-za87-d5x9-wuby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49810?format=api", "vulnerability_id": "VCID-zthr-mpwx-1fef", "summary": "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction..", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34111", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73857", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73855", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73767", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73841", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34111" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "apsb24-40.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T21:18:03Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34111", "reference_id": "CVE-2024-34111", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34111" }, { "reference_url": "https://github.com/advisories/GHSA-jmqp-r3gg-6jh3", "reference_id": "GHSA-jmqp-r3gg-6jh3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jmqp-r3gg-6jh3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32194?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/32193?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32195?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34111", "GHSA-jmqp-r3gg-6jh3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zthr-mpwx-1fef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49344?format=api", "vulnerability_id": "VCID-zv6m-4py8-3ydq", "summary": "Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01961", "scoring_system": "epss", "scoring_elements": "0.83955", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01961", "scoring_system": "epss", "scoring_elements": "0.83951", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01961", "scoring_system": "epss", "scoring_elements": "0.8389", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01961", "scoring_system": "epss", "scoring_elements": "0.83947", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34105" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "apsb24-40.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:04:12Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34105", "reference_id": "CVE-2024-34105", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34105" }, { "reference_url": "https://github.com/advisories/GHSA-5632-wq7m-gfq9", "reference_id": "GHSA-5632-wq7m-gfq9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5632-wq7m-gfq9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32194?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/32193?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32195?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34105", "GHSA-5632-wq7m-gfq9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zv6m-4py8-3ydq" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210321?format=api", "vulnerability_id": "VCID-164z-z5n3-wuhx", "summary": "Magento Insufficient Session Expiration", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38287", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38112", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38298", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3831", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21031" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21031", "reference_id": "CVE-2021-21031", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21031" }, { "reference_url": "https://github.com/advisories/GHSA-4h3p-63x6-vwg2", "reference_id": "GHSA-4h3p-63x6-vwg2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4h3p-63x6-vwg2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21031", "GHSA-4h3p-63x6-vwg2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-164z-z5n3-wuhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210317?format=api", "vulnerability_id": "VCID-1bn5-82qw-k3a6", "summary": "Magento stored cross-site scripting vulnerability in the admin console", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03783", "scoring_system": "epss", "scoring_elements": "0.88368", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03783", "scoring_system": "epss", "scoring_elements": "0.88329", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03783", "scoring_system": "epss", "scoring_elements": "0.88373", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.03783", "scoring_system": "epss", "scoring_elements": "0.88374", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21023" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21023", "reference_id": "CVE-2021-21023", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21023" }, { "reference_url": "https://github.com/advisories/GHSA-h5rm-m772-6qcx", "reference_id": "GHSA-h5rm-m772-6qcx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h5rm-m772-6qcx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21023", "GHSA-h5rm-m772-6qcx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bn5-82qw-k3a6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210320?format=api", "vulnerability_id": "VCID-3w6r-qvwp-cudu", "summary": "Magento stored cross-site scripting (XSS) in the customer address upload feature", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06281", "scoring_system": "epss", "scoring_elements": "0.91163", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.06281", "scoring_system": "epss", "scoring_elements": "0.91131", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.06281", "scoring_system": "epss", "scoring_elements": "0.91168", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.06281", "scoring_system": "epss", "scoring_elements": "0.91169", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21030" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21030", "reference_id": "CVE-2021-21030", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21030" }, { "reference_url": "https://github.com/advisories/GHSA-6988-g89m-27vf", "reference_id": "GHSA-6988-g89m-27vf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6988-g89m-27vf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21030", "GHSA-6988-g89m-27vf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3w6r-qvwp-cudu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210310?format=api", "vulnerability_id": "VCID-9qq4-5w4p-wfez", "summary": "Magento XPath Injection", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89666", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89631", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89672", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89673", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21025" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21025", "reference_id": "CVE-2021-21025", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21025" }, { "reference_url": "https://github.com/advisories/GHSA-h437-qjj9-vmq4", "reference_id": "GHSA-h437-qjj9-vmq4", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h437-qjj9-vmq4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22776?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-164z-z5n3-wuhx" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bn5-82qw-k3a6" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w6r-qvwp-cudu" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fa8x-8f5h-vqdu" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ns1n-29x8-6yg5" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-t9m9-by2s-rkb9" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-vd65-b296-q7d3" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x6pu-mp7j-23a1" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-ybf1-t7ha-cbbk" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z5p1-rdeh-p3e5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21025", "GHSA-h437-qjj9-vmq4" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9qq4-5w4p-wfez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210314?format=api", "vulnerability_id": "VCID-cxfd-jhqn-m3bb", "summary": "Magento Insecure Direct Object Reference (IDOR) in the product module", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36027", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.35846", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36037", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3605", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21022" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21022", "reference_id": "CVE-2021-21022", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21022" }, { "reference_url": "https://github.com/advisories/GHSA-8pfq-g48p-x7w8", "reference_id": "GHSA-8pfq-g48p-x7w8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8pfq-g48p-x7w8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22776?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-164z-z5n3-wuhx" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bn5-82qw-k3a6" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w6r-qvwp-cudu" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fa8x-8f5h-vqdu" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ns1n-29x8-6yg5" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-t9m9-by2s-rkb9" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-vd65-b296-q7d3" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x6pu-mp7j-23a1" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-ybf1-t7ha-cbbk" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z5p1-rdeh-p3e5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21022", "GHSA-8pfq-g48p-x7w8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cxfd-jhqn-m3bb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210315?format=api", "vulnerability_id": "VCID-fa8x-8f5h-vqdu", "summary": "Magento Insufficient Session Expiration", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38287", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38112", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38298", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3831", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21032" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21032", "reference_id": "CVE-2021-21032", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21032" }, { "reference_url": "https://github.com/advisories/GHSA-4jfq-f8hc-775q", "reference_id": "GHSA-4jfq-f8hc-775q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4jfq-f8hc-775q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21032", "GHSA-4jfq-f8hc-775q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fa8x-8f5h-vqdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210319?format=api", "vulnerability_id": "VCID-ns1n-29x8-6yg5", "summary": "Magento Blind SQL Injection in the Search module", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02071", "scoring_system": "epss", "scoring_elements": "0.8437", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02071", "scoring_system": "epss", "scoring_elements": "0.84315", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02071", "scoring_system": "epss", "scoring_elements": "0.84372", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02071", "scoring_system": "epss", "scoring_elements": "0.84379", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21024" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21024", "reference_id": "CVE-2021-21024", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21024" }, { "reference_url": "https://github.com/advisories/GHSA-rj4f-cp4v-hvcv", "reference_id": "GHSA-rj4f-cp4v-hvcv", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rj4f-cp4v-hvcv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22776?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-164z-z5n3-wuhx" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bn5-82qw-k3a6" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w6r-qvwp-cudu" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fa8x-8f5h-vqdu" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ns1n-29x8-6yg5" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-t9m9-by2s-rkb9" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-vd65-b296-q7d3" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x6pu-mp7j-23a1" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-ybf1-t7ha-cbbk" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z5p1-rdeh-p3e5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21024", "GHSA-rj4f-cp4v-hvcv" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ns1n-29x8-6yg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210316?format=api", "vulnerability_id": "VCID-t9m9-by2s-rkb9", "summary": "Magento Reflected Cross-site Scripting vulnerability via 'file' parameter", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43501", "scoring_system": "epss", "scoring_elements": "0.97607", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.43501", "scoring_system": "epss", "scoring_elements": "0.97598", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.43501", "scoring_system": "epss", "scoring_elements": "0.97608", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21029" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21029", "reference_id": "CVE-2021-21029", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21029" }, { "reference_url": "https://github.com/advisories/GHSA-jwxh-wj79-ccm6", "reference_id": "GHSA-jwxh-wj79-ccm6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jwxh-wj79-ccm6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22776?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-164z-z5n3-wuhx" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bn5-82qw-k3a6" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w6r-qvwp-cudu" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fa8x-8f5h-vqdu" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ns1n-29x8-6yg5" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-t9m9-by2s-rkb9" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-vd65-b296-q7d3" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x6pu-mp7j-23a1" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-ybf1-t7ha-cbbk" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z5p1-rdeh-p3e5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/22774?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21029", "GHSA-jwxh-wj79-ccm6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t9m9-by2s-rkb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210308?format=api", "vulnerability_id": "VCID-vd65-b296-q7d3", "summary": "Magento Improper Access Control", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29314", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29115", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29323", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29335", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21020" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21020", "reference_id": "CVE-2021-21020", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21020" }, { "reference_url": "https://github.com/advisories/GHSA-2j6v-829g-885q", "reference_id": "GHSA-2j6v-829g-885q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2j6v-829g-885q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21020", "GHSA-2j6v-829g-885q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vd65-b296-q7d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210306?format=api", "vulnerability_id": "VCID-x6pu-mp7j-23a1", "summary": "Magento OS command injection via the customer attribute save controller", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04856", "scoring_system": "epss", "scoring_elements": "0.89814", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04856", "scoring_system": "epss", "scoring_elements": "0.8978", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04856", "scoring_system": "epss", "scoring_elements": "0.89818", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.04856", "scoring_system": "epss", "scoring_elements": "0.8982", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21015" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21015", "reference_id": "CVE-2021-21015", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21015" }, { "reference_url": "https://github.com/advisories/GHSA-w2p4-2c8c-2g7h", "reference_id": "GHSA-w2p4-2c8c-2g7h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w2p4-2c8c-2g7h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22776?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-164z-z5n3-wuhx" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bn5-82qw-k3a6" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w6r-qvwp-cudu" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fa8x-8f5h-vqdu" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ns1n-29x8-6yg5" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-t9m9-by2s-rkb9" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-vd65-b296-q7d3" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x6pu-mp7j-23a1" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-ybf1-t7ha-cbbk" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z5p1-rdeh-p3e5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/22774?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21015", "GHSA-w2p4-2c8c-2g7h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6pu-mp7j-23a1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210311?format=api", "vulnerability_id": "VCID-ybf1-t7ha-cbbk", "summary": "Magento OS Command Injection", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06906", "scoring_system": "epss", "scoring_elements": "0.91623", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.06906", "scoring_system": "epss", "scoring_elements": "0.91594", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.06906", "scoring_system": "epss", "scoring_elements": "0.91627", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.06906", "scoring_system": "epss", "scoring_elements": "0.9163", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21018" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21018", "reference_id": "CVE-2021-21018", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21018" }, { "reference_url": "https://github.com/advisories/GHSA-rv48-v862-mp92", "reference_id": "GHSA-rv48-v862-mp92", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rv48-v862-mp92" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21018", "GHSA-rv48-v862-mp92" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ybf1-t7ha-cbbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210318?format=api", "vulnerability_id": "VCID-z5p1-rdeh-p3e5", "summary": "Magento XML injection in the Widgets module", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04035", "scoring_system": "epss", "scoring_elements": "0.88792", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04035", "scoring_system": "epss", "scoring_elements": "0.88753", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04035", "scoring_system": "epss", "scoring_elements": "0.88797", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.04035", "scoring_system": "epss", "scoring_elements": "0.88799", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21019" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21019", "reference_id": "CVE-2021-21019", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21019" }, { "reference_url": "https://github.com/advisories/GHSA-mw95-gmw4-883p", "reference_id": "GHSA-mw95-gmw4-883p", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mw95-gmw4-883p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/22776?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-164z-z5n3-wuhx" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bn5-82qw-k3a6" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3w6r-qvwp-cudu" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fa8x-8f5h-vqdu" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ns1n-29x8-6yg5" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-t9m9-by2s-rkb9" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-vd65-b296-q7d3" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x6pu-mp7j-23a1" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-ybf1-t7ha-cbbk" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z5p1-rdeh-p3e5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/22553?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1nhy-rppa-3ugt" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-29d9-8pwn-xuew" }, { "vulnerability": "VCID-2cra-khmt-jfgr" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-42ja-fh9j-fqcc" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4dqv-w8zx-jbfx" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5a9b-cba8-mbas" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-68y4-rbft-7qd4" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-7ygu-rw4h-gqea" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-9yw4-j8uq-guaz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bbvn-enze-yyb6" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dj4m-m82g-7ybz" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e22v-vjrd-v3gx" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eebb-ec8n-fkh4" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-k7kn-kacp-rqa6" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n3fq-47aa-qff7" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pk6p-a3rt-h7df" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qry6-3fd2-xbha" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s6y3-6ycj-vugy" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7kq-477v-jqc5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-uz87-qmx6-wbh3" }, { "vulnerability": "VCID-v5gv-qmy3-67fd" }, { "vulnerability": "VCID-veep-9n16-y7bv" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vv16-jtmz-9yar" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xnah-kn74-yuhk" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-yw2c-atdh-jucd" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zffj-3gkp-nycc" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zw8c-fe8p-e7e3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/22778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2sac-dap5-67cm" }, { "vulnerability": "VCID-2zcu-9c1u-2fhg" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4h6z-sxux-1fc8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-4ujh-geum-9bbv" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-7nw6-fepu-jqg1" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-c26k-zm91-eufg" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-cz7e-3kqn-gqfm" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fs2p-2pcw-pkbg" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-hex3-vh93-53em" }, { "vulnerability": "VCID-hg41-tf2t-4yew" }, { "vulnerability": "VCID-huy7-57jw-z3bp" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-mtu1-7ww6-vucq" }, { "vulnerability": "VCID-n4vb-dqt3-g3ff" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-p7w3-uwrr-w3gv" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-pna2-wk6m-e3gu" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pwax-36m7-2kby" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qhah-73w3-sqbp" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qs5t-4dc4-xyed" }, { "vulnerability": "VCID-qvq2-tfke-w7g8" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-st4g-zp7x-u3ba" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-uyhy-7kvj-8be1" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-w54j-vx36-3qhs" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wsu4-ubj1-rfea" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-x8wc-8zj4-1qgx" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21019", "GHSA-mw95-gmw4-883p" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5p1-rdeh-p3e5" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" }