Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/56764?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "type": "composer", "namespace": "magento", "name": "community-edition", "version": "2.0.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.3.7-p2", "latest_non_vulnerable_version": "2.4.9-alpha3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12036?format=api", "vulnerability_id": "VCID-36ac-e8pr-gkca", "summary": "Cross-Site Request Forgery (CSRF)\nMagento Community Edition and Enterprise Edition have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09149", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5301" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2010-and-212-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2010-and-212-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5301", "reference_id": "CVE-2018-5301", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5301" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/53780?format=api", "purl": "pkg:composer/magento/community-edition@2.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/53781?format=api", "purl": "pkg:composer/magento/community-edition@2.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-t7ae-1xen-tqav" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.2" } ], "aliases": [ "CVE-2018-5301", "GHSA-w3mq-67mw-3p9f" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36ac-e8pr-gkca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/168108?format=api", "vulnerability_id": "VCID-3fwk-gzst-aycg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0047", "scoring_system": "epss", "scoring_elements": "0.64872", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9690" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9690", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9690" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77333?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/59701?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-4phr-amm7-q3he" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5wjs-5jc8-y7dv" }, { "vulnerability": "VCID-631j-28c3-zqam" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-eh85-akw2-4qby" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-f418-amxz-xfey" }, { "vulnerability": "VCID-fs6u-kx4y-nqbh" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gngq-4jm1-nffv" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-jgkp-2cew-c7hc" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mn2q-e59e-9bhu" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-ns3u-g7gm-kbfq" }, { "vulnerability": "VCID-p7gh-bgn5-kyfw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u87h-sf89-k3ew" }, { "vulnerability": "VCID-u8ch-jew7-pubj" }, { "vulnerability": "VCID-wbj6-ehhe-ybf1" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0" } ], "aliases": [ "CVE-2020-9690", "GHSA-xgp9-j48h-jjf9" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3fwk-gzst-aycg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170767?format=api", "vulnerability_id": "VCID-4nuc-1pgt-4kdc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04856", "scoring_system": "epss", "scoring_elements": "0.89709", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21015" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21015", "reference_id": "CVE-2021-21015", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21015" }, { "reference_url": "https://github.com/advisories/GHSA-w2p4-2c8c-2g7h", "reference_id": "GHSA-w2p4-2c8c-2g7h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w2p4-2c8c-2g7h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77496?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/57943?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21015", "GHSA-w2p4-2c8c-2g7h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4nuc-1pgt-4kdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158614?format=api", "vulnerability_id": "VCID-5mu4-9ruv-uke4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80194", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24408" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24408", "reference_id": "CVE-2020-24408", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24408" }, { "reference_url": "https://github.com/advisories/GHSA-jxjc-6xmh-h7mg", "reference_id": "GHSA-jxjc-6xmh-h7mg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jxjc-6xmh-h7mg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24408", "GHSA-jxjc-6xmh-h7mg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5mu4-9ruv-uke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158606?format=api", "vulnerability_id": "VCID-5px5-varz-8qa5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49269", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24400" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24400", "reference_id": "CVE-2020-24400", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24400" }, { "reference_url": "https://github.com/advisories/GHSA-pf6w-3pfw-fxvw", "reference_id": "GHSA-pf6w-3pfw-fxvw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pf6w-3pfw-fxvw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24400", "GHSA-pf6w-3pfw-fxvw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5px5-varz-8qa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170781?format=api", "vulnerability_id": "VCID-9ph3-z1rw-kqhc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43501", "scoring_system": "epss", "scoring_elements": "0.97574", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21029" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21029", "reference_id": "CVE-2021-21029", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21029" }, { "reference_url": "https://github.com/advisories/GHSA-jwxh-wj79-ccm6", "reference_id": "GHSA-jwxh-wj79-ccm6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jwxh-wj79-ccm6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77496?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/57943?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21029", "GHSA-jwxh-wj79-ccm6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ph3-z1rw-kqhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158612?format=api", "vulnerability_id": "VCID-brvc-xvms-zqf4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53005", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24406" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24406", "reference_id": "CVE-2020-24406", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24406" }, { "reference_url": "https://github.com/advisories/GHSA-mr8q-7f5j-wc79", "reference_id": "GHSA-mr8q-7f5j-wc79", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mr8q-7f5j-wc79" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24406", "GHSA-mr8q-7f5j-wc79" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-brvc-xvms-zqf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170770?format=api", "vulnerability_id": "VCID-bxmb-sb7p-dkgm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06906", "scoring_system": "epss", "scoring_elements": "0.91531", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21018" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21018", "reference_id": "CVE-2021-21018", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21018" }, { "reference_url": "https://github.com/advisories/GHSA-rv48-v862-mp92", "reference_id": "GHSA-rv48-v862-mp92", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rv48-v862-mp92" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21018", "GHSA-rv48-v862-mp92" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bxmb-sb7p-dkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/154984?format=api", "vulnerability_id": "VCID-dvs4-arma-2ke4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25177", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15151" }, { "reference_url": "https://github.com/OpenMage/magento-lts", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/OpenMage/magento-lts" }, { "reference_url": "https://github.com/OpenMage/magento-lts/commit/7c526bc6a6a51b57a1bab4c60f104dc36cde347a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/OpenMage/magento-lts/commit/7c526bc6a6a51b57a1bab4c60f104dc36cde347a" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15151", "reference_id": "CVE-2020-15151", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15151" }, { "reference_url": "https://github.com/advisories/GHSA-crf2-xm6x-46p6", "reference_id": "GHSA-crf2-xm6x-46p6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-crf2-xm6x-46p6" }, { "reference_url": "https://github.com/OpenMage/magento-lts/security/advisories/GHSA-crf2-xm6x-46p6", "reference_id": "GHSA-crf2-xm6x-46p6", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/OpenMage/magento-lts/security/advisories/GHSA-crf2-xm6x-46p6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/59701?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-4phr-amm7-q3he" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5wjs-5jc8-y7dv" }, { "vulnerability": "VCID-631j-28c3-zqam" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-eh85-akw2-4qby" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-f418-amxz-xfey" }, { "vulnerability": "VCID-fs6u-kx4y-nqbh" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gngq-4jm1-nffv" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-jgkp-2cew-c7hc" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mn2q-e59e-9bhu" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-ns3u-g7gm-kbfq" }, { "vulnerability": "VCID-p7gh-bgn5-kyfw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u87h-sf89-k3ew" }, { "vulnerability": "VCID-u8ch-jew7-pubj" }, { "vulnerability": "VCID-wbj6-ehhe-ybf1" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0" } ], "aliases": [ "CVE-2020-15151", "GHSA-crf2-xm6x-46p6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvs4-arma-2ke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106238?format=api", "vulnerability_id": "VCID-e514-8tra-9kg2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24514", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6485" }, { "reference_url": "https://github.com/magento/magento2/pull/15017", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/pull/15017" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/07/19/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/07/19/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/07/27/14", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/07/27/14" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6485", "reference_id": "CVE-2016-6485", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6485" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2016-6485.yaml", "reference_id": "CVE-2016-6485.YAML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2016-6485.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-h7qw-mxrm-c6h2", "reference_id": "GHSA-h7qw-mxrm-c6h2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h7qw-mxrm-c6h2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74398?format=api", "purl": "pkg:composer/magento/community-edition@2.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-t7ae-1xen-tqav" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.6" } ], "aliases": [ "CVE-2016-6485", "GHSA-h7qw-mxrm-c6h2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e514-8tra-9kg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158611?format=api", "vulnerability_id": "VCID-evsh-gg3x-bfda", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24879", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24405" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24405", "reference_id": "CVE-2020-24405", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24405" }, { "reference_url": "https://github.com/advisories/GHSA-p7m7-j8jv-393q", "reference_id": "GHSA-p7m7-j8jv-393q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p7m7-j8jv-393q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24405", "GHSA-p7m7-j8jv-393q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-evsh-gg3x-bfda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158610?format=api", "vulnerability_id": "VCID-fu9d-vb4r-vkhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50909", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24404" }, { "reference_url": "https://devdocs.magento.com/guides/v2.3/release-notes/open-source-2-3-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://devdocs.magento.com/guides/v2.3/release-notes/open-source-2-3-6.html" }, { "reference_url": "https://experienceleague.adobe.com/docs/commerce-operations/release/notes/magento-open-source/2-4-1.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://experienceleague.adobe.com/docs/commerce-operations/release/notes/magento-open-source/2-4-1.html" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24404", "reference_id": "CVE-2020-24404", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24404" }, { "reference_url": "https://github.com/advisories/GHSA-rwf7-652f-76mv", "reference_id": "GHSA-rwf7-652f-76mv", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rwf7-652f-76mv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24404", "GHSA-rwf7-652f-76mv" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fu9d-vb4r-vkhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14058?format=api", "vulnerability_id": "VCID-hb1m-rxm7-nyga", "summary": "Information Exposure\nMagento is vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure of document root path by an unauthenticated attacker. Access to the admin console is required for successful exploitation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.73004", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566", "reference_id": "CVE-2021-28566", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566" }, { "reference_url": "https://github.com/advisories/GHSA-w942-fw92-mqm2", "reference_id": "GHSA-w942-fw92-mqm2", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w942-fw92-mqm2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65814?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3" } ], "aliases": [ "CVE-2021-28566", "GHSA-w942-fw92-mqm2" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hb1m-rxm7-nyga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175534?format=api", "vulnerability_id": "VCID-kf9w-4pch-5yhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49261", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28563" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28563", "reference_id": "CVE-2021-28563", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28563" }, { "reference_url": "https://github.com/advisories/GHSA-q9xx-4689-gvv5", "reference_id": "GHSA-q9xx-4689-gvv5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q9xx-4689-gvv5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28563", "GHSA-q9xx-4689-gvv5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kf9w-4pch-5yhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170771?format=api", "vulnerability_id": "VCID-mxj2-c71n-3fgu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04035", "scoring_system": "epss", "scoring_elements": "0.8869", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21019" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21019", "reference_id": "CVE-2021-21019", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21019" }, { "reference_url": "https://github.com/advisories/GHSA-mw95-gmw4-883p", "reference_id": "GHSA-mw95-gmw4-883p", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mw95-gmw4-883p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77496?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21019", "GHSA-mw95-gmw4-883p" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxj2-c71n-3fgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/168110?format=api", "vulnerability_id": "VCID-vf84-53f7-4ffb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.82057", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9692" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9692", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77333?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/59701?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-4phr-amm7-q3he" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5wjs-5jc8-y7dv" }, { "vulnerability": "VCID-631j-28c3-zqam" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-eh85-akw2-4qby" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-f418-amxz-xfey" }, { "vulnerability": "VCID-fs6u-kx4y-nqbh" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gngq-4jm1-nffv" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-jgkp-2cew-c7hc" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mn2q-e59e-9bhu" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-ns3u-g7gm-kbfq" }, { "vulnerability": "VCID-p7gh-bgn5-kyfw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u87h-sf89-k3ew" }, { "vulnerability": "VCID-u8ch-jew7-pubj" }, { "vulnerability": "VCID-wbj6-ehhe-ybf1" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0" } ], "aliases": [ "CVE-2020-9692", "GHSA-vqg7-8v6x-54rq" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vf84-53f7-4ffb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170776?format=api", "vulnerability_id": "VCID-zpae-wx95-83fa", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02071", "scoring_system": "epss", "scoring_elements": "0.84232", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21024" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21024", "reference_id": "CVE-2021-21024", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21024" }, { "reference_url": "https://github.com/advisories/GHSA-rj4f-cp4v-hvcv", "reference_id": "GHSA-rj4f-cp4v-hvcv", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rj4f-cp4v-hvcv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77496?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21024", "GHSA-rj4f-cp4v-hvcv" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zpae-wx95-83fa" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/167998?format=api", "vulnerability_id": "VCID-31gu-5peh-jyf8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9579", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0622", "scoring_system": "epss", "scoring_elements": "0.91021", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9579" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/52d92dbd07f09620d23693ba0c4d4bdb4ba09916", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/52d92dbd07f09620d23693ba0c4d4bdb4ba09916" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9579", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9579" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433144?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/213672?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/417706?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5" } ], "aliases": [ "CVE-2020-9579", "GHSA-vrp3-wc28-qg2h" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-31gu-5peh-jyf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/168010?format=api", "vulnerability_id": "VCID-curx-pg5d-3qfv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01311", "scoring_system": "epss", "scoring_elements": "0.80129", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9591" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9591", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433144?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/213672?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/417706?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5" } ], "aliases": [ "CVE-2020-9591", "GHSA-w7rh-9w5v-rwqj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-curx-pg5d-3qfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163886?format=api", "vulnerability_id": "VCID-dcfx-5qz2-aybr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46684", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758", "reference_id": "CVE-2020-3758", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3758", "GHSA-p5q3-xg47-653m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcfx-5qz2-aybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163845?format=api", "vulnerability_id": "VCID-dsp2-hyhy-ekbj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51199", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717", "reference_id": "CVE-2020-3717", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3717", "GHSA-874g-pxqp-frqp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dsp2-hyhy-ekbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/168083?format=api", "vulnerability_id": "VCID-nt8u-v7wd-a3d7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9665", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.69098", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9665" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-41.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-41.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9665", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9665" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" } ], "aliases": [ "CVE-2020-9665", "GHSA-xc4p-j89c-p7x5" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nt8u-v7wd-a3d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/168082?format=api", "vulnerability_id": "VCID-pmd7-hndg-9bbq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16149", "scoring_system": "epss", "scoring_elements": "0.9491", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9664" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-41.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-41.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9664", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9664" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" } ], "aliases": [ "CVE-2020-9664", "GHSA-337c-3rch-q35j" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmd7-hndg-9bbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163844?format=api", "vulnerability_id": "VCID-qp9f-r8g6-huhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17339", "scoring_system": "epss", "scoring_elements": "0.95164", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716", "reference_id": "CVE-2020-3716", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3716", "GHSA-9wc9-498w-h8xv" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qp9f-r8g6-huhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13525?format=api", "vulnerability_id": "VCID-t7ae-1xen-tqav", "summary": "SQL Injection\nAn unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60108", "scoring_system": "epss", "scoring_elements": "0.983", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7139" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://magento.com/security/patches/supee-11086", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/supee-11086" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://www.ambionics.io/blog/magento-sqli", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.ambionics.io/blog/magento-sqli" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7139", "reference_id": "CVE-2019-7139", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7139" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-4j6w-9rf8-hg7r", "reference_id": "GHSA-4j6w-9rf8-hg7r", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4j6w-9rf8-hg7r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/56765?format=api", "purl": "pkg:composer/magento/community-edition@2.1.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/77891?format=api", "purl": "pkg:composer/magento/community-edition@2.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/56766?format=api", "purl": "pkg:composer/magento/community-edition@2.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/56767?format=api", "purl": "pkg:composer/magento/community-edition@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7139", "GHSA-4j6w-9rf8-hg7r" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t7ae-1xen-tqav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163847?format=api", "vulnerability_id": "VCID-tr2c-pvrf-ybd8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79849", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719", "reference_id": "CVE-2020-3719", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3719", "GHSA-rr59-pjwj-6grj" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tr2c-pvrf-ybd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163846?format=api", "vulnerability_id": "VCID-vnpj-71vh-pkb2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08697", "scoring_system": "epss", "scoring_elements": "0.92612", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718", "reference_id": "CVE-2020-3718", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3718", "GHSA-x9p7-vgp2-9pq2" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnpj-71vh-pkb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163843?format=api", "vulnerability_id": "VCID-xpw6-2hr1-9qge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45441", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715", "reference_id": "CVE-2020-3715", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/417330?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/417329?format=api", "purl": "pkg:composer/magento/community-edition@1.14.4%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.14.4%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/108365?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0-rc", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0-rc" }, { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3715", "GHSA-mgg3-v948-2vgr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xpw6-2hr1-9qge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148740?format=api", "vulnerability_id": "VCID-yh9f-v452-tub3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7882", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24783", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7882" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7882.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7882.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7882.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7882.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7882.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7882.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7882", "reference_id": "CVE-2019-7882", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7882" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56764?format=api", "purl": "pkg:composer/magento/community-edition@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-36ac-e8pr-gkca" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77891?format=api", "purl": "pkg:composer/magento/community-edition@2.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7882", "GHSA-ff7r-7rrm-wx6w" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yh9f-v452-tub3" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.0.0" }