Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/65592?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "type": "composer", "namespace": "magento", "name": "community-edition", "version": "2.3.7", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.4.4-p10", "latest_non_vulnerable_version": "2.4.9-alpha3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179945?format=api", "vulnerability_id": "VCID-1qch-21pj-4yhs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.71063", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36032" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36032", "reference_id": "CVE-2021-36032", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36032" }, { "reference_url": "https://github.com/advisories/GHSA-5vw8-r55w-f4q4", "reference_id": "GHSA-5vw8-r55w-f4q4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5vw8-r55w-f4q4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36032", "GHSA-5vw8-r55w-f4q4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1qch-21pj-4yhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158613?format=api", "vulnerability_id": "VCID-38rm-wf86-ryfw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03057", "scoring_system": "epss", "scoring_elements": "0.86939", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24407" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24407", "reference_id": "CVE-2020-24407", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24407" }, { "reference_url": "https://github.com/advisories/GHSA-7pxg-6p87-8c9v", "reference_id": "GHSA-7pxg-6p87-8c9v", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7pxg-6p87-8c9v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-4phr-amm7-q3he" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-eh85-akw2-4qby" }, { "vulnerability": "VCID-gngq-4jm1-nffv" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mn2q-e59e-9bhu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u87h-sf89-k3ew" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24407", "GHSA-7pxg-6p87-8c9v" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-38rm-wf86-ryfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179947?format=api", "vulnerability_id": "VCID-3d19-jvhv-kfej", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05476", "scoring_system": "epss", "scoring_elements": "0.90345", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36034" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36034", "reference_id": "CVE-2021-36034", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36034" }, { "reference_url": "https://github.com/advisories/GHSA-j46h-qjjv-cxfj", "reference_id": "GHSA-j46h-qjjv-cxfj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j46h-qjjv-cxfj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36034", "GHSA-j46h-qjjv-cxfj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3d19-jvhv-kfej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179952?format=api", "vulnerability_id": "VCID-3mbp-mm4g-yybx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03446", "scoring_system": "epss", "scoring_elements": "0.87701", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36040" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36040", "reference_id": "CVE-2021-36040", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36040" }, { "reference_url": "https://github.com/advisories/GHSA-2pq5-gpqf-g4r3", "reference_id": "GHSA-2pq5-gpqf-g4r3", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2pq5-gpqf-g4r3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36040", "GHSA-2pq5-gpqf-g4r3" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3mbp-mm4g-yybx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179951?format=api", "vulnerability_id": "VCID-3mg5-5bnt-3qb3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00801", "scoring_system": "epss", "scoring_elements": "0.74384", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36039" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36039", "reference_id": "CVE-2021-36039", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36039" }, { "reference_url": "https://github.com/advisories/GHSA-3g7m-g8qm-x6j5", "reference_id": "GHSA-3g7m-g8qm-x6j5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3g7m-g8qm-x6j5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36039", "GHSA-3g7m-g8qm-x6j5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3mg5-5bnt-3qb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179937?format=api", "vulnerability_id": "VCID-5m9k-7pab-bygj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08668", "scoring_system": "epss", "scoring_elements": "0.9259", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36024" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36024", "reference_id": "CVE-2021-36024", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36024" }, { "reference_url": "https://github.com/advisories/GHSA-qmq6-jpvg-j547", "reference_id": "GHSA-qmq6-jpvg-j547", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qmq6-jpvg-j547" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36024", "GHSA-qmq6-jpvg-j547" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5m9k-7pab-bygj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179935?format=api", "vulnerability_id": "VCID-63pe-4w5f-zqax", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31066", "scoring_system": "epss", "scoring_elements": "0.9683", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36020" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36020", "reference_id": "CVE-2021-36020", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36020" }, { "reference_url": "https://github.com/advisories/GHSA-xvpx-6hh8-7h72", "reference_id": "GHSA-xvpx-6hh8-7h72", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xvpx-6hh8-7h72" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36020", "GHSA-xvpx-6hh8-7h72" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-63pe-4w5f-zqax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179938?format=api", "vulnerability_id": "VCID-6cm3-pkzs-wbdu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05476", "scoring_system": "epss", "scoring_elements": "0.90345", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36025" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36025", "reference_id": "CVE-2021-36025", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36025" }, { "reference_url": "https://github.com/advisories/GHSA-gvfx-9m9v-h839", "reference_id": "GHSA-gvfx-9m9v-h839", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gvfx-9m9v-h839" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36025", "GHSA-gvfx-9m9v-h839" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6cm3-pkzs-wbdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179941?format=api", "vulnerability_id": "VCID-8vyv-da9b-x7c5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11326", "scoring_system": "epss", "scoring_elements": "0.93663", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36028" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36028", "reference_id": "CVE-2021-36028", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36028" }, { "reference_url": "https://github.com/advisories/GHSA-5pjj-7fq8-9gpf", "reference_id": "GHSA-5pjj-7fq8-9gpf", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5pjj-7fq8-9gpf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36028", "GHSA-5pjj-7fq8-9gpf" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8vyv-da9b-x7c5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179939?format=api", "vulnerability_id": "VCID-atcy-z6qm-7qcn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01528", "scoring_system": "epss", "scoring_elements": "0.81601", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36026" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36026", "reference_id": "CVE-2021-36026", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36026" }, { "reference_url": "https://github.com/advisories/GHSA-8gfq-m4cf-w975", "reference_id": "GHSA-8gfq-m4cf-w975", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8gfq-m4cf-w975" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36026", "GHSA-8gfq-m4cf-w975" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-atcy-z6qm-7qcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18377?format=api", "vulnerability_id": "VCID-atnt-jfyb-uydk", "summary": "Magento affected by remote code execution vulnerability in the CMS page scheduled update feature\nMagento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper input validation vulnerability within the CMS page scheduled update feature. An authenticated attacker with administrative privilege could leverage this vulnerability to achieve remote code execution on the system.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00984", "scoring_system": "epss", "scoring_elements": "0.77117", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36021" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T15:48:42Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36021", "reference_id": "CVE-2021-36021", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36021" }, { "reference_url": "https://github.com/advisories/GHSA-4g27-q2w9-m8m8", "reference_id": "GHSA-4g27-q2w9-m8m8", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4g27-q2w9-m8m8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36021", "GHSA-4g27-q2w9-m8m8" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-atnt-jfyb-uydk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179942?format=api", "vulnerability_id": "VCID-dahp-ngf2-yfck", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87718", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36029" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36029", "reference_id": "CVE-2021-36029", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36029" }, { "reference_url": "https://github.com/advisories/GHSA-m8wx-whpp-q283", "reference_id": "GHSA-m8wx-whpp-q283", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m8wx-whpp-q283" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36029", "GHSA-m8wx-whpp-q283" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dahp-ngf2-yfck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179943?format=api", "vulnerability_id": "VCID-ddnf-1ejm-g3fm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01428", "scoring_system": "epss", "scoring_elements": "0.80953", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36030" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36030", "reference_id": "CVE-2021-36030", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36030" }, { "reference_url": "https://github.com/advisories/GHSA-rhff-65hp-55rw", "reference_id": "GHSA-rhff-65hp-55rw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rhff-65hp-55rw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36030", "GHSA-rhff-65hp-55rw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddnf-1ejm-g3fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179949?format=api", "vulnerability_id": "VCID-ea9q-x4cf-wfdj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36037", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00898", "scoring_system": "epss", "scoring_elements": "0.75981", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36037" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36037", "reference_id": "CVE-2021-36037", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36037" }, { "reference_url": "https://github.com/advisories/GHSA-vrq2-w7r7-3fp2", "reference_id": "GHSA-vrq2-w7r7-3fp2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vrq2-w7r7-3fp2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36037", "GHSA-vrq2-w7r7-3fp2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ea9q-x4cf-wfdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179955?format=api", "vulnerability_id": "VCID-esvp-gu4v-hkc8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36043", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0261", "scoring_system": "epss", "scoring_elements": "0.85899", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36043" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36043", "reference_id": "CVE-2021-36043", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36043" }, { "reference_url": "https://github.com/advisories/GHSA-36xq-7w8w-xp68", "reference_id": "GHSA-36xq-7w8w-xp68", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-36xq-7w8w-xp68" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36043", "GHSA-36xq-7w8w-xp68" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-esvp-gu4v-hkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179954?format=api", "vulnerability_id": "VCID-fk7u-x6n8-y3a8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04108", "scoring_system": "epss", "scoring_elements": "0.8879", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36042" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36042", "reference_id": "CVE-2021-36042", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36042" }, { "reference_url": "https://github.com/advisories/GHSA-6cwv-wj7v-73xp", "reference_id": "GHSA-6cwv-wj7v-73xp", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6cwv-wj7v-73xp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36042", "GHSA-6cwv-wj7v-73xp" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fk7u-x6n8-y3a8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14058?format=api", "vulnerability_id": "VCID-hb1m-rxm7-nyga", "summary": "Information Exposure\nMagento is vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure of document root path by an unauthenticated attacker. Access to the admin console is required for successful exploitation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.73004", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566", "reference_id": "CVE-2021-28566", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566" }, { "reference_url": "https://github.com/advisories/GHSA-w942-fw92-mqm2", "reference_id": "GHSA-w942-fw92-mqm2", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w942-fw92-mqm2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65814?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3" } ], "aliases": [ "CVE-2021-28566", "GHSA-w942-fw92-mqm2" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hb1m-rxm7-nyga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179953?format=api", "vulnerability_id": "VCID-ktbz-cqsm-cqdh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05476", "scoring_system": "epss", "scoring_elements": "0.90345", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36041" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36041", "reference_id": "CVE-2021-36041", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36041" }, { "reference_url": "https://github.com/advisories/GHSA-mx5m-j5xr-jg8c", "reference_id": "GHSA-mx5m-j5xr-jg8c", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mx5m-j5xr-jg8c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36041", "GHSA-mx5m-j5xr-jg8c" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ktbz-cqsm-cqdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158607?format=api", "vulnerability_id": "VCID-mxpb-g7qp-w3gp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52015", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24401" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24401", "reference_id": "CVE-2020-24401", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24401" }, { "reference_url": "https://github.com/advisories/GHSA-f2g3-3c6q-4478", "reference_id": "GHSA-f2g3-3c6q-4478", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f2g3-3c6q-4478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-4phr-amm7-q3he" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-eh85-akw2-4qby" }, { "vulnerability": "VCID-gngq-4jm1-nffv" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mn2q-e59e-9bhu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u87h-sf89-k3ew" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24401", "GHSA-f2g3-3c6q-4478" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxpb-g7qp-w3gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179927?format=api", "vulnerability_id": "VCID-nf7q-381b-eufk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00792", "scoring_system": "epss", "scoring_elements": "0.74223", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36012" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36012", "reference_id": "CVE-2021-36012", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36012" }, { "reference_url": "https://github.com/advisories/GHSA-3f97-7pgv-gmgr", "reference_id": "GHSA-3f97-7pgv-gmgr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3f97-7pgv-gmgr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36012", "GHSA-3f97-7pgv-gmgr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nf7q-381b-eufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179956?format=api", "vulnerability_id": "VCID-qdse-avkx-7kb6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01739", "scoring_system": "epss", "scoring_elements": "0.82826", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36044" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36044", "reference_id": "CVE-2021-36044", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36044" }, { "reference_url": "https://github.com/advisories/GHSA-wr57-3h2f-3q95", "reference_id": "GHSA-wr57-3h2f-3q95", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wr57-3h2f-3q95" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36044", "GHSA-wr57-3h2f-3q95" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdse-avkx-7kb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200741?format=api", "vulnerability_id": "VCID-snxt-bv9t-nbdu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66871", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35692" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:14Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35692", "reference_id": "CVE-2022-35692", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35692" }, { "reference_url": "https://github.com/advisories/GHSA-gm4m-9rm8-7rxj", "reference_id": "GHSA-gm4m-9rm8-7rxj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gm4m-9rm8-7rxj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63233?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zndr-m4hp-gue2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-35692", "GHSA-gm4m-9rm8-7rxj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snxt-bv9t-nbdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179950?format=api", "vulnerability_id": "VCID-u3cx-xm7q-8uch", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36038", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01462", "scoring_system": "epss", "scoring_elements": "0.81176", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36038" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36038", "reference_id": "CVE-2021-36038", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36038" }, { "reference_url": "https://github.com/advisories/GHSA-wgpr-9675-8r67", "reference_id": "GHSA-wgpr-9675-8r67", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wgpr-9675-8r67" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36038", "GHSA-wgpr-9675-8r67" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u3cx-xm7q-8uch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179944?format=api", "vulnerability_id": "VCID-x63j-5hm1-8kh9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1031", "scoring_system": "epss", "scoring_elements": "0.93303", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36031" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36031", "reference_id": "CVE-2021-36031", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36031" }, { "reference_url": "https://github.com/advisories/GHSA-7w95-qwhh-q9p3", "reference_id": "GHSA-7w95-qwhh-q9p3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7w95-qwhh-q9p3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36031", "GHSA-7w95-qwhh-q9p3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x63j-5hm1-8kh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179936?format=api", "vulnerability_id": "VCID-yhrq-kbj5-puaz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11326", "scoring_system": "epss", "scoring_elements": "0.93663", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36022" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36022", "reference_id": "CVE-2021-36022", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36022" }, { "reference_url": "https://github.com/advisories/GHSA-3x9x-vhqj-cv27", "reference_id": "GHSA-3x9x-vhqj-cv27", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3x9x-vhqj-cv27" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36022", "GHSA-3x9x-vhqj-cv27" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yhrq-kbj5-puaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18461?format=api", "vulnerability_id": "VCID-yjrz-v74j-xbfx", "summary": "Magento Open Source affected by Improper Input Validation\nAdobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24093", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01122", "scoring_system": "epss", "scoring_elements": "0.78565", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24093" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-13.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:51:54Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-13.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24093", "reference_id": "CVE-2022-24093", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24093" }, { "reference_url": "https://github.com/advisories/GHSA-5xmp-7wg5-x68q", "reference_id": "GHSA-5xmp-7wg5-x68q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5xmp-7wg5-x68q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/59703?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/63233?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zndr-m4hp-gue2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1" } ], "aliases": [ "CVE-2022-24093", "GHSA-5xmp-7wg5-x68q" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yjrz-v74j-xbfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18373?format=api", "vulnerability_id": "VCID-z5ak-93ax-gues", "summary": "Magento improper access control vulnerability within Magento's Media Gallery Upload workflow\nMagento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privilege can gain access to delete the .htaccess file. This could result in the attacker achieving remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01179", "scoring_system": "epss", "scoring_elements": "0.79059", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36036" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:52:37Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36036", "reference_id": "CVE-2021-36036", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36036" }, { "reference_url": "https://github.com/advisories/GHSA-wqr6-wv6c-p8fx", "reference_id": "GHSA-wqr6-wv6c-p8fx", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wqr6-wv6c-p8fx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36036", "GHSA-wqr6-wv6c-p8fx" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5ak-93ax-gues" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18370?format=api", "vulnerability_id": "VCID-zpta-g6q9-ykdh", "summary": "Magento XML Injection vulnerability in the Widgets Update Layout\nMagento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12858", "scoring_system": "epss", "scoring_elements": "0.94157", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36023" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:52:38Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36023", "reference_id": "CVE-2021-36023", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36023" }, { "reference_url": "https://github.com/advisories/GHSA-8cjg-f53m-8m9q", "reference_id": "GHSA-8cjg-f53m-8m9q", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8cjg-f53m-8m9q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36023", "GHSA-8cjg-f53m-8m9q" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zpta-g6q9-ykdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179946?format=api", "vulnerability_id": "VCID-zt1b-5ytz-wqb6", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36033", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11326", "scoring_system": "epss", "scoring_elements": "0.93663", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36033" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36033", "reference_id": "CVE-2021-36033", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36033" }, { "reference_url": "https://github.com/advisories/GHSA-p746-qw73-qmmx", "reference_id": "GHSA-p746-qw73-qmmx", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p746-qw73-qmmx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36033", "GHSA-p746-qw73-qmmx" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zt1b-5ytz-wqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179940?format=api", "vulnerability_id": "VCID-zzn5-7yxb-t3hf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36027", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01528", "scoring_system": "epss", "scoring_elements": "0.81601", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36027" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-64.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36027", "reference_id": "CVE-2021-36027", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36027" }, { "reference_url": "https://github.com/advisories/GHSA-x2v2-2jhp-c5hv", "reference_id": "GHSA-x2v2-2jhp-c5hv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x2v2-2jhp-c5hv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448390?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65594?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65813?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p1" } ], "aliases": [ "CVE-2021-36027", "GHSA-x2v2-2jhp-c5hv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zzn5-7yxb-t3hf" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15079?format=api", "vulnerability_id": "VCID-1z32-g2kw-pkdx", "summary": "Magento improper input validation vulnerability\nAdobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24086", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93736", "scoring_system": "epss", "scoring_elements": "0.99859", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24086" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-12.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-02-27T18:35:53Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-12.html" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24086", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24086" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24086", "reference_id": "CVE-2022-24086", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24086" }, { "reference_url": "https://github.com/advisories/GHSA-f8fv-f786-9933", "reference_id": "GHSA-f8fv-f786-9933", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f8fv-f786-9933" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59702?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-4phr-amm7-q3he" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-eh85-akw2-4qby" }, { "vulnerability": "VCID-gngq-4jm1-nffv" }, { "vulnerability": "VCID-mn2q-e59e-9bhu" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u87h-sf89-k3ew" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/59703?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65814?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3" } ], "aliases": [ "CVE-2022-24086", "GHSA-f8fv-f786-9933" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1z32-g2kw-pkdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175551?format=api", "vulnerability_id": "VCID-4phr-amm7-q3he", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57895", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28585" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28585", "reference_id": "CVE-2021-28585", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28585" }, { "reference_url": "https://github.com/advisories/GHSA-c38m-9668-6j2w", "reference_id": "GHSA-c38m-9668-6j2w", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c38m-9668-6j2w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28585", "GHSA-c38m-9668-6j2w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4phr-amm7-q3he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199792?format=api", "vulnerability_id": "VCID-86h6-jwyx-8yf2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34257", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73815", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34257" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:02Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34257", "reference_id": "CVE-2022-34257", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34257" }, { "reference_url": "https://github.com/advisories/GHSA-rg7p-wmgj-f374", "reference_id": "GHSA-rg7p-wmgj-f374", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rg7p-wmgj-f374" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63234?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34257", "GHSA-rg7p-wmgj-f374" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86h6-jwyx-8yf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199794?format=api", "vulnerability_id": "VCID-8kar-95vh-ube3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34259", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46054", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34259" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:18Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34259", "reference_id": "CVE-2022-34259", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34259" }, { "reference_url": "https://github.com/advisories/GHSA-9wjf-94h3-r4rh", "reference_id": "GHSA-9wjf-94h3-r4rh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9wjf-94h3-r4rh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63234?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34259", "GHSA-9wjf-94h3-r4rh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8kar-95vh-ube3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199793?format=api", "vulnerability_id": "VCID-cd1x-g9b4-6ufh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34258", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16184", "scoring_system": "epss", "scoring_elements": "0.94918", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34258" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34258", "reference_id": "CVE-2022-34258", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34258" }, { "reference_url": "https://github.com/advisories/GHSA-5m55-g8pv-x8ww", "reference_id": "GHSA-5m55-g8pv-x8ww", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5m55-g8pv-x8ww" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63234?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34258", "GHSA-5m55-g8pv-x8ww" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cd1x-g9b4-6ufh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175527?format=api", "vulnerability_id": "VCID-eh85-akw2-4qby", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23863", "scoring_system": "epss", "scoring_elements": "0.96114", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28556" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28556", "reference_id": "CVE-2021-28556", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28556" }, { "reference_url": "https://github.com/advisories/GHSA-39ch-rg26-gmq5", "reference_id": "GHSA-39ch-rg26-gmq5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-39ch-rg26-gmq5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28556", "GHSA-39ch-rg26-gmq5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eh85-akw2-4qby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175537?format=api", "vulnerability_id": "VCID-gngq-4jm1-nffv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27904", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28567" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28567", "reference_id": "CVE-2021-28567", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28567" }, { "reference_url": "https://github.com/advisories/GHSA-cc3w-r3w8-hfh7", "reference_id": "GHSA-cc3w-r3w8-hfh7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cc3w-r3w8-hfh7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28567", "GHSA-cc3w-r3w8-hfh7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gngq-4jm1-nffv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14058?format=api", "vulnerability_id": "VCID-hb1m-rxm7-nyga", "summary": "Information Exposure\nMagento is vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure of document root path by an unauthenticated attacker. Access to the admin console is required for successful exploitation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.73004", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566", "reference_id": "CVE-2021-28566", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566" }, { "reference_url": "https://github.com/advisories/GHSA-w942-fw92-mqm2", "reference_id": "GHSA-w942-fw92-mqm2", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w942-fw92-mqm2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65814?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3" } ], "aliases": [ "CVE-2021-28566", "GHSA-w942-fw92-mqm2" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hb1m-rxm7-nyga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175534?format=api", "vulnerability_id": "VCID-kf9w-4pch-5yhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49261", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28563" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28563", "reference_id": "CVE-2021-28563", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28563" }, { "reference_url": "https://github.com/advisories/GHSA-q9xx-4689-gvv5", "reference_id": "GHSA-q9xx-4689-gvv5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q9xx-4689-gvv5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28563", "GHSA-q9xx-4689-gvv5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kf9w-4pch-5yhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175550?format=api", "vulnerability_id": "VCID-mn2q-e59e-9bhu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28584", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.6907", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28584" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28584", "reference_id": "CVE-2021-28584", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28584" }, { "reference_url": "https://github.com/advisories/GHSA-7gpv-xrjr-f5h4", "reference_id": "GHSA-7gpv-xrjr-f5h4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7gpv-xrjr-f5h4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28584", "GHSA-7gpv-xrjr-f5h4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mn2q-e59e-9bhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199789?format=api", "vulnerability_id": "VCID-t2pj-rv3r-7fda", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.69768", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34254" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:06Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34254", "reference_id": "CVE-2022-34254", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34254" }, { "reference_url": "https://github.com/advisories/GHSA-fx9g-g9q6-x3jx", "reference_id": "GHSA-fx9g-g9q6-x3jx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fx9g-g9q6-x3jx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63234?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34254", "GHSA-fx9g-g9q6-x3jx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t2pj-rv3r-7fda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199791?format=api", "vulnerability_id": "VCID-trys-a3eq-y7fb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34256", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61518", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34256" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:22Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34256", "reference_id": "CVE-2022-34256", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34256" }, { "reference_url": "https://github.com/advisories/GHSA-r7mm-grf3-5fjv", "reference_id": "GHSA-r7mm-grf3-5fjv", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r7mm-grf3-5fjv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63234?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34256", "GHSA-r7mm-grf3-5fjv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-trys-a3eq-y7fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175549?format=api", "vulnerability_id": "VCID-u87h-sf89-k3ew", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28583", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00531", "scoring_system": "epss", "scoring_elements": "0.67561", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28583" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28583", "reference_id": "CVE-2021-28583", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28583" }, { "reference_url": "https://github.com/advisories/GHSA-7gh6-f4jh-3crq", "reference_id": "GHSA-7gh6-f4jh-3crq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7gh6-f4jh-3crq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28583", "GHSA-7gh6-f4jh-3crq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u87h-sf89-k3ew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199790?format=api", "vulnerability_id": "VCID-z5sv-b3wm-rqbe", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66786", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34255" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:06:09Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34255", "reference_id": "CVE-2022-34255", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34255" }, { "reference_url": "https://github.com/advisories/GHSA-x95x-f4g9-mm85", "reference_id": "GHSA-x95x-f4g9-mm85", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x95x-f4g9-mm85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63234?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34255", "GHSA-x95x-f4g9-mm85" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5sv-b3wm-rqbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/199788?format=api", "vulnerability_id": "VCID-z7g7-sbje-bbev", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34253", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.37194", "scoring_system": "epss", "scoring_elements": "0.97242", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34253" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:06:06Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34253", "reference_id": "CVE-2022-34253", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34253" }, { "reference_url": "https://github.com/advisories/GHSA-cj7w-pm77-hvg6", "reference_id": "GHSA-cj7w-pm77-hvg6", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cj7w-pm77-hvg6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63234?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-34253", "GHSA-cj7w-pm77-hvg6" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7g7-sbje-bbev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205808?format=api", "vulnerability_id": "VCID-zjmz-qn1y-n3d9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39766", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42344" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42344", "reference_id": "CVE-2022-42344", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42344" }, { "reference_url": "https://github.com/advisories/GHSA-297f-r9w7-w492", "reference_id": "GHSA-297f-r9w7-w492", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-297f-r9w7-w492" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78818?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/78817?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/65814?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63236?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-2gjv-y49y-4yh7" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-umy7-aq5d-vfhj" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-wv9y-3kyz-hbgq" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zndr-m4hp-gue2" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "aliases": [ "CVE-2022-42344", "GHSA-297f-r9w7-w492" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zjmz-qn1y-n3d9" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }