Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/56763?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/56763?format=api", "purl": "pkg:composer/magento/community-edition@2.3.0", "type": "composer", "namespace": "magento", "name": "community-edition", "version": "2.3.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.3.4-p2", "latest_non_vulnerable_version": "2.4.9-alpha3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148979?format=api", "vulnerability_id": "VCID-1q42-wbp4-c3cs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15072", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8153" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8153.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8153.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/c6ab7ac38f25309318e5819d4bdd936b2a0cf6bd", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c6ab7ac38f25309318e5819d4bdd936b2a0cf6bd" }, { "reference_url": "https://github.com/magento/magento2/commit/f5eb758c12a2c40ba3fe38ce44b46192494f4ff8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/f5eb758c12a2c40ba3fe38ce44b46192494f4ff8" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8153", "reference_id": "CVE-2019-8153", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8153" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8153", "GHSA-273r-v888-vgc6" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1q42-wbp4-c3cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/167998?format=api", "vulnerability_id": "VCID-31gu-5peh-jyf8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9579", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0622", "scoring_system": "epss", "scoring_elements": "0.91021", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9579" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/52d92dbd07f09620d23693ba0c4d4bdb4ba09916", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/52d92dbd07f09620d23693ba0c4d4bdb4ba09916" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9579", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9579" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213672?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4-p2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/417706?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5" } ], "aliases": [ "CVE-2020-9579", "GHSA-vrp3-wc28-qg2h" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-31gu-5peh-jyf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148717?format=api", "vulnerability_id": "VCID-34a4-y3sn-97cp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09776", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7857" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7857.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7857.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7857", "reference_id": "CVE-2019-7857", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7857" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7857", "GHSA-f6ww-vqw2-xp3v" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34a4-y3sn-97cp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148970?format=api", "vulnerability_id": "VCID-3d5m-3y1r-hufv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8144", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02899", "scoring_system": "epss", "scoring_elements": "0.86599", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8144" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8144.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8144.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8144", "reference_id": "CVE-2019-8144", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8144" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8144", "GHSA-vpg9-gq7j-mxqg" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3d5m-3y1r-hufv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148774?format=api", "vulnerability_id": "VCID-3w85-cjt6-1kgv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7937" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7937.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7937.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7937", "reference_id": "CVE-2019-7937", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7937" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7937", "GHSA-94fc-rxhv-vvf8" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3w85-cjt6-1kgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148947?format=api", "vulnerability_id": "VCID-5qpw-hn7v-n7dk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8121", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39354", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8121" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8121", "reference_id": "CVE-2019-8121", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8121" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8121.yaml", "reference_id": "CVE-2019-8121.YAML", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8121.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-89ch-hqf9-rgp3", "reference_id": "GHSA-89ch-hqf9-rgp3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-89ch-hqf9-rgp3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8121", "GHSA-89ch-hqf9-rgp3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qpw-hn7v-n7dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148743?format=api", "vulnerability_id": "VCID-73jm-z8yc-n3eh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23629", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7887" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7887.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7887.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7887.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7887.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7887.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7887.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7887", "reference_id": "CVE-2019-7887", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7887" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7887", "GHSA-rj8f-g5gm-jw5c" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73jm-z8yc-n3eh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148756?format=api", "vulnerability_id": "VCID-77v3-4g9b-mbg8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7909" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7909.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7909.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7909.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7909.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7909.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7909.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7909", "reference_id": "CVE-2019-7909", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7909" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7909", "GHSA-pw2f-m22m-p75c" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77v3-4g9b-mbg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/149058?format=api", "vulnerability_id": "VCID-77zn-ju3v-p3cs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34927", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8232" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8232", "reference_id": "CVE-2019-8232", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8232" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8232", "GHSA-6vc8-3xf2-qrxx" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77zn-ju3v-p3cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199792?format=api", "vulnerability_id": "VCID-86h6-jwyx-8yf2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34257", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73815", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34257" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:02Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34257", "reference_id": "CVE-2022-34257", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34257" }, { "reference_url": "https://github.com/advisories/GHSA-rg7p-wmgj-f374", "reference_id": "GHSA-rg7p-wmgj-f374", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rg7p-wmgj-f374" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34257", "GHSA-rg7p-wmgj-f374" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86h6-jwyx-8yf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148750?format=api", "vulnerability_id": "VCID-8azw-t94j-7bda", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7897" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7897.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7897.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7897.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7897.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7897.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7897.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7897", "reference_id": "CVE-2019-7897", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7897" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7897", "GHSA-jxp3-mmw7-8285" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8azw-t94j-7bda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199794?format=api", "vulnerability_id": "VCID-8kar-95vh-ube3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34259", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46054", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34259" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:18Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34259", "reference_id": "CVE-2022-34259", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34259" }, { "reference_url": "https://github.com/advisories/GHSA-9wjf-94h3-r4rh", "reference_id": "GHSA-9wjf-94h3-r4rh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9wjf-94h3-r4rh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34259", "GHSA-9wjf-94h3-r4rh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8kar-95vh-ube3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148738?format=api", "vulnerability_id": "VCID-94dk-wkd1-ryg5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7880", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7880" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7880.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7880.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7880", "reference_id": "CVE-2019-7880", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7880" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7880", "GHSA-ccjm-rgm5-rjjh" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94dk-wkd1-ryg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148748?format=api", "vulnerability_id": "VCID-9bs6-bkg5-5ygw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7895", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00897", "scoring_system": "epss", "scoring_elements": "0.75972", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7895" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7895.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7895.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7895", "reference_id": "CVE-2019-7895", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7895" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7895", "GHSA-mw5w-cf76-73m8" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9bs6-bkg5-5ygw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148975?format=api", "vulnerability_id": "VCID-bbcz-wtzb-x3cv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62451", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8149" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8149", "reference_id": "CVE-2019-8149", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8149" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8149.yaml", "reference_id": "CVE-2019-8149.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8149.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-8mwx-wpp4-5xh4", "reference_id": "GHSA-8mwx-wpp4-5xh4", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8mwx-wpp4-5xh4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8149", "GHSA-8mwx-wpp4-5xh4" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bbcz-wtzb-x3cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199793?format=api", "vulnerability_id": "VCID-cd1x-g9b4-6ufh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34258", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16184", "scoring_system": "epss", "scoring_elements": "0.94918", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34258" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34258", "reference_id": "CVE-2022-34258", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34258" }, { "reference_url": "https://github.com/advisories/GHSA-5m55-g8pv-x8ww", "reference_id": "GHSA-5m55-g8pv-x8ww", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5m55-g8pv-x8ww" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34258", "GHSA-5m55-g8pv-x8ww" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cd1x-g9b4-6ufh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148755?format=api", "vulnerability_id": "VCID-ckmz-vs6x-sqgw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7908" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7908.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7908.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7908", "reference_id": "CVE-2019-7908", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7908" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7908", "GHSA-mgfv-4whf-c574" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ckmz-vs6x-sqgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/168010?format=api", "vulnerability_id": "VCID-curx-pg5d-3qfv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01311", "scoring_system": "epss", "scoring_elements": "0.80129", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9591" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9591", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213672?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4-p2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/417706?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5" } ], "aliases": [ "CVE-2020-9591", "GHSA-w7rh-9w5v-rwqj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-curx-pg5d-3qfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163886?format=api", "vulnerability_id": "VCID-dcfx-5qz2-aybr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46684", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758", "reference_id": "CVE-2020-3758", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3758", "GHSA-p5q3-xg47-653m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcfx-5qz2-aybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148971?format=api", "vulnerability_id": "VCID-dnsm-c53q-w7en", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8145" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8145", "reference_id": "CVE-2019-8145", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8145" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8145.yaml", "reference_id": "CVE-2019-8145.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8145.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-xv69-f7x5-r4qw", "reference_id": "GHSA-xv69-f7x5-r4qw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xv69-f7x5-r4qw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8145", "GHSA-xv69-f7x5-r4qw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnsm-c53q-w7en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163845?format=api", "vulnerability_id": "VCID-dsp2-hyhy-ekbj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51199", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717", "reference_id": "CVE-2020-3717", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3717", "GHSA-874g-pxqp-frqp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dsp2-hyhy-ekbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148739?format=api", "vulnerability_id": "VCID-e3hs-urj2-hugu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7881", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24783", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7881" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7881.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7881.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7881", "reference_id": "CVE-2019-7881", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7881" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7881", "GHSA-7xqv-jgv6-x2h8" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3hs-urj2-hugu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/149059?format=api", "vulnerability_id": "VCID-em73-vxub-zbhg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8233", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56961", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8233" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8233", "reference_id": "CVE-2019-8233", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8233" }, { "reference_url": "https://github.com/advisories/GHSA-fm68-89m8-4gjj", "reference_id": "GHSA-fm68-89m8-4gjj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fm68-89m8-4gjj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8233", "GHSA-fm68-89m8-4gjj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-em73-vxub-zbhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148762?format=api", "vulnerability_id": "VCID-fw8t-pt9u-vbgn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48848", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7923" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7923.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7923.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7923", "reference_id": "CVE-2019-7923", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7923" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7923", "GHSA-hvcp-jvx5-4pmp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fw8t-pt9u-vbgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148976?format=api", "vulnerability_id": "VCID-gcy8-q3n4-euh5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01125", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8150" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8150.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8150.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8150", "reference_id": "CVE-2019-8150", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8150" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8150", "GHSA-p783-gj6m-9r88" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gcy8-q3n4-euh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14058?format=api", "vulnerability_id": "VCID-hb1m-rxm7-nyga", "summary": "Information Exposure\nMagento is vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure of document root path by an unauthenticated attacker. Access to the admin console is required for successful exploitation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.73004", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566", "reference_id": "CVE-2021-28566", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566" }, { "reference_url": "https://github.com/advisories/GHSA-w942-fw92-mqm2", "reference_id": "GHSA-w942-fw92-mqm2", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w942-fw92-mqm2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28566", "GHSA-w942-fw92-mqm2" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hb1m-rxm7-nyga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148773?format=api", "vulnerability_id": "VCID-j6jh-447c-vbay", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7936" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7936.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7936.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7936", "reference_id": "CVE-2019-7936", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7936" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7936", "GHSA-mf6x-7766-5cg8" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6jh-447c-vbay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148761?format=api", "vulnerability_id": "VCID-jbdw-8hjj-puh8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24783", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7921" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7921.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7921.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7921", "reference_id": "CVE-2019-7921", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7921" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7921", "GHSA-gg96-8w9x-7rx9" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jbdw-8hjj-puh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148972?format=api", "vulnerability_id": "VCID-m3p9-61rr-ubes", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8146" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8146.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8146.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8146", "reference_id": "CVE-2019-8146", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8146" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-8146", "GHSA-6m27-3r8q-c7f7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3p9-61rr-ubes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148973?format=api", "vulnerability_id": "VCID-m4pz-7xnk-8fdg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8147" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8147.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8147.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8147", "reference_id": "CVE-2019-8147", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8147" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8147", "GHSA-v8fg-p27h-mxjp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4pz-7xnk-8fdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148977?format=api", "vulnerability_id": "VCID-n39v-vbhc-jkdq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01105", "scoring_system": "epss", "scoring_elements": "0.78388", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8151" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8151.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8151.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8151", "reference_id": "CVE-2019-8151", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8151" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8151", "GHSA-f73h-224c-62qr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n39v-vbhc-jkdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148715?format=api", "vulnerability_id": "VCID-nww3-kpvm-4ucu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24851", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7854" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7854.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7854.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7854", "reference_id": "CVE-2019-7854", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7854" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7854", "GHSA-hpxv-vpfv-7jc9" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nww3-kpvm-4ucu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148966?format=api", "vulnerability_id": "VCID-qfm1-jhuc-jybd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47567", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8140" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8140.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8140.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8140", "reference_id": "CVE-2019-8140", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8140" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8140", "GHSA-7pr3-34rg-g53m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qfm1-jhuc-jybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163844?format=api", "vulnerability_id": "VCID-qp9f-r8g6-huhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17339", "scoring_system": "epss", "scoring_elements": "0.95164", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716", "reference_id": "CVE-2020-3716", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3716", "GHSA-9wc9-498w-h8xv" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qp9f-r8g6-huhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148716?format=api", "vulnerability_id": "VCID-qqqf-kw83-dfgb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7855", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42012", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7855" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7855.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7855.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7855", "reference_id": "CVE-2019-7855", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7855" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7855", "GHSA-2w26-gmqm-mc5p" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qqqf-kw83-dfgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148749?format=api", "vulnerability_id": "VCID-rcdf-rkqa-c7bk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00897", "scoring_system": "epss", "scoring_elements": "0.75972", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7896" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7896.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7896.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7896", "reference_id": "CVE-2019-7896", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7896" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7896", "GHSA-2x55-mg9r-24f7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rcdf-rkqa-c7bk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199789?format=api", "vulnerability_id": "VCID-t2pj-rv3r-7fda", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.69768", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34254" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:06Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34254", "reference_id": "CVE-2022-34254", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34254" }, { "reference_url": "https://github.com/advisories/GHSA-fx9g-g9q6-x3jx", "reference_id": "GHSA-fx9g-g9q6-x3jx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fx9g-g9q6-x3jx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34254", "GHSA-fx9g-g9q6-x3jx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t2pj-rv3r-7fda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148952?format=api", "vulnerability_id": "VCID-t3r4-hwfp-a7hv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28733", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8126" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8126", "reference_id": "CVE-2019-8126", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8126" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8126.yaml", "reference_id": "CVE-2019-8126.YAML", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8126.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-427g-2r83-3ccm", "reference_id": "GHSA-427g-2r83-3ccm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-427g-2r83-3ccm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8126", "GHSA-427g-2r83-3ccm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t3r4-hwfp-a7hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148772?format=api", "vulnerability_id": "VCID-t74p-crez-wyhv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7935" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7935.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7935.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7935.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7935", "reference_id": "CVE-2019-7935", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7935" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7935", "GHSA-5c4g-p858-498x" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t74p-crez-wyhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13525?format=api", "vulnerability_id": "VCID-t7ae-1xen-tqav", "summary": "SQL Injection\nAn unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60108", "scoring_system": "epss", "scoring_elements": "0.983", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7139" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://magento.com/security/patches/supee-11086", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/supee-11086" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://www.ambionics.io/blog/magento-sqli", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.ambionics.io/blog/magento-sqli" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7139", "reference_id": "CVE-2019-7139", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7139" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-4j6w-9rf8-hg7r", "reference_id": "GHSA-4j6w-9rf8-hg7r", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4j6w-9rf8-hg7r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56767?format=api", "purl": "pkg:composer/magento/community-edition@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7139", "GHSA-4j6w-9rf8-hg7r" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t7ae-1xen-tqav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163847?format=api", "vulnerability_id": "VCID-tr2c-pvrf-ybd8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79849", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719", "reference_id": "CVE-2020-3719", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3719", "GHSA-rr59-pjwj-6grj" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tr2c-pvrf-ybd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199791?format=api", "vulnerability_id": "VCID-trys-a3eq-y7fb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34256", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61518", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34256" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:22Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34256", "reference_id": "CVE-2022-34256", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34256" }, { "reference_url": "https://github.com/advisories/GHSA-r7mm-grf3-5fjv", "reference_id": "GHSA-r7mm-grf3-5fjv", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r7mm-grf3-5fjv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34256", "GHSA-r7mm-grf3-5fjv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-trys-a3eq-y7fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148980?format=api", "vulnerability_id": "VCID-tszq-tsvs-sbcr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8154", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01125", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8154" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8154", "reference_id": "CVE-2019-8154", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8154" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8154.yaml", "reference_id": "CVE-2019-8154.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8154.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-4v2q-hjx3-c4vr", "reference_id": "GHSA-4v2q-hjx3-c4vr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4v2q-hjx3-c4vr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8154", "GHSA-4v2q-hjx3-c4vr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tszq-tsvs-sbcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148729?format=api", "vulnerability_id": "VCID-ucfx-6ktc-2bcp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7869", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21437", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7869" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7869.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7869.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7869", "reference_id": "CVE-2019-7869", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7869" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7869", "GHSA-9f4p-3jgf-98f5" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ucfx-6ktc-2bcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163846?format=api", "vulnerability_id": "VCID-vnpj-71vh-pkb2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08697", "scoring_system": "epss", "scoring_elements": "0.92612", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718", "reference_id": "CVE-2020-3718", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3718", "GHSA-x9p7-vgp2-9pq2" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnpj-71vh-pkb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148961?format=api", "vulnerability_id": "VCID-w91u-6r6q-zfd7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77303", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8135" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8135", "reference_id": "CVE-2019-8135", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8135" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8135.yaml", "reference_id": "CVE-2019-8135.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8135.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-3q5x-7mxp-rp6j", "reference_id": "GHSA-3q5x-7mxp-rp6j", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3q5x-7mxp-rp6j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8135", "GHSA-3q5x-7mxp-rp6j" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w91u-6r6q-zfd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148728?format=api", "vulnerability_id": "VCID-wr3g-xf17-abcx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21437", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7868" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7868.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7868.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7868", "reference_id": "CVE-2019-7868", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7868", "GHSA-g4jh-vxqm-6fff" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wr3g-xf17-abcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163843?format=api", "vulnerability_id": "VCID-xpw6-2hr1-9qge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45441", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715", "reference_id": "CVE-2020-3715", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3715", "GHSA-mgg3-v948-2vgr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xpw6-2hr1-9qge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148959?format=api", "vulnerability_id": "VCID-yeby-8p7j-7qaj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16475", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8133" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8133", "reference_id": "CVE-2019-8133", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8133" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8133.yaml", "reference_id": "CVE-2019-8133.YAML", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8133.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-62fx-3v4f-mwxm", "reference_id": "GHSA-62fx-3v4f-mwxm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-62fx-3v4f-mwxm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8133", "GHSA-62fx-3v4f-mwxm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yeby-8p7j-7qaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148740?format=api", "vulnerability_id": "VCID-yh9f-v452-tub3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7882", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24783", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7882" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7882.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7882.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7882.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7882.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7882.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7882.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7882", "reference_id": "CVE-2019-7882", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7882" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7882", "GHSA-ff7r-7rrm-wx6w" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yh9f-v452-tub3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148771?format=api", "vulnerability_id": "VCID-yxpr-kard-n7cr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7934" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7934.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7934.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7934.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7934", "reference_id": "CVE-2019-7934", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7934" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7934", "GHSA-77mv-p94f-qcq4" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yxpr-kard-n7cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148978?format=api", "vulnerability_id": "VCID-z3g2-t29c-p3fb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8152", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8152" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8152.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8152.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8152.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8152", "reference_id": "CVE-2019-8152", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8152" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8152", "GHSA-jjmg-xmq2-g6ff" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3g2-t29c-p3fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199790?format=api", "vulnerability_id": "VCID-z5sv-b3wm-rqbe", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66786", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34255" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:06:09Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34255", "reference_id": "CVE-2022-34255", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34255" }, { "reference_url": "https://github.com/advisories/GHSA-x95x-f4g9-mm85", "reference_id": "GHSA-x95x-f4g9-mm85", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x95x-f4g9-mm85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34255", "GHSA-x95x-f4g9-mm85" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5sv-b3wm-rqbe" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.0" }