| 0 |
| url |
VCID-1jsp-392b-2fgb |
| vulnerability_id |
VCID-1jsp-392b-2fgb |
| summary |
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability by manipulating the timing between the check of a resource's state and its use, allowing unauthorized write access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49558, GHSA-wcmw-8xpp-rwfj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1jsp-392b-2fgb |
|
| 1 |
| url |
VCID-2vsw-t8k2-4bfm |
| vulnerability_id |
VCID-2vsw-t8k2-4bfm |
| summary |
Adobe Commerce Improper Authorization vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24409, GHSA-vw47-79jv-3598
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2vsw-t8k2-4bfm |
|
| 2 |
| url |
VCID-3g5s-hryc-5qa9 |
| vulnerability_id |
VCID-3g5s-hryc-5qa9 |
| summary |
Magneto contains stored XSS vulnerability
Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-47110, GHSA-j934-vjh5-vf9r
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3g5s-hryc-5qa9 |
|
| 3 |
| url |
VCID-3zcy-b3th-ukhd |
| vulnerability_id |
VCID-3zcy-b3th-ukhd |
| summary |
Magento Improper Access Control Leads to Privilege escalation
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39419, GHSA-74w7-cr4v-wf2v
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3zcy-b3th-ukhd |
|
| 4 |
| url |
VCID-4dae-vty8-b7hk |
| vulnerability_id |
VCID-4dae-vty8-b7hk |
| summary |
Magento Improper Access Control leads to security feature bypass
Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
| 4 |
|
|
| aliases |
CVE-2025-27206, GHSA-g2pj-xmxq-3r9q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4dae-vty8-b7hk |
|
| 5 |
| url |
VCID-5gxr-xksz-5ydb |
| vulnerability_id |
VCID-5gxr-xksz-5ydb |
| summary |
Magento Improper Authorization leads to security feature bypass
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39411, GHSA-qm77-mqf3-fmhq
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5gxr-xksz-5ydb |
|
| 6 |
| url |
VCID-5wfa-wpby-dke1 |
| vulnerability_id |
VCID-5wfa-wpby-dke1 |
| summary |
Magento Open Source allows Improper Access Control
Adobe Commerce versions 2.4.3-p3 (and earlier), 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 8 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 9 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 10 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 11 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 12 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 13 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 14 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 15 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 16 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 21 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 22 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 25 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 26 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 27 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 28 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 29 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 30 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 31 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 32 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 33 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 34 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 35 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 36 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 37 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 40 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 41 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 42 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 43 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 44 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 45 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 46 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 47 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 48 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 49 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 50 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 51 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 52 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 53 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 54 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 55 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 56 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 10 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 11 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 12 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 13 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 14 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 15 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 16 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 37 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 38 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 39 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 40 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 41 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 42 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 43 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 44 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 45 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 46 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 47 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 48 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 49 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 50 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 51 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 52 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 53 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 54 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 55 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 56 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 57 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 62 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 63 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 64 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 65 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 66 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 67 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p1 |
|
|
| aliases |
CVE-2022-35689, GHSA-5fxx-jwjm-x9hj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5wfa-wpby-dke1 |
|
| 7 |
| url |
VCID-69wt-c418-mubr |
| vulnerability_id |
VCID-69wt-c418-mubr |
| summary |
Magento Open Source allows Cross-Site Request Forgery (CSRF)
Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) and 2.3.7p1 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to a customer's cart by an unauthenticated attacker. Access to the admin console is not required for successful exploitation. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
4.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
|
| aliases |
CVE-2021-39864, GHSA-94wq-87g6-8h77
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-69wt-c418-mubr |
|
| 8 |
| url |
VCID-6p6q-ctya-q3bv |
| vulnerability_id |
VCID-6p6q-ctya-q3bv |
| summary |
Magento Authenticated Security feature bypass
Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
| 4 |
|
|
| aliases |
CVE-2025-49549, GHSA-85jx-x9r4-45m2
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6p6q-ctya-q3bv |
|
| 9 |
| url |
VCID-6tx4-wexr-fkbb |
| vulnerability_id |
VCID-6tx4-wexr-fkbb |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain elevated privileges. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24437, GHSA-469f-wf4f-3jjv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6tx4-wexr-fkbb |
|
| 10 |
| url |
VCID-7pr7-uqp1-sugt |
| vulnerability_id |
VCID-7pr7-uqp1-sugt |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45130, GHSA-v3v6-jfvw-m576
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7pr7-uqp1-sugt |
|
| 11 |
| url |
VCID-7s3w-8dn6-jqh7 |
| vulnerability_id |
VCID-7s3w-8dn6-jqh7 |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45124, GHSA-w3p2-pc3h-69wv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| url |
VCID-7s74-rdkp-vyaf |
| vulnerability_id |
VCID-7s74-rdkp-vyaf |
| summary |
Magento Incorrect Authorization vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to perform actions with permissions that were not granted. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24421, GHSA-v6r2-425c-hfrr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7s74-rdkp-vyaf |
|
| 13 |
| url |
VCID-8hx4-r8bb-n7ge |
| vulnerability_id |
VCID-8hx4-r8bb-n7ge |
| summary |
Magento stored Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24428, GHSA-mm87-rrqx-94cr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8hx4-r8bb-n7ge |
|
| 14 |
| url |
VCID-8ky6-w2nk-9bds |
| vulnerability_id |
VCID-8ky6-w2nk-9bds |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24411, GHSA-36hw-x3cc-m258
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8ky6-w2nk-9bds |
|
| 15 |
| url |
VCID-8shb-t5zp-rqbu |
| vulnerability_id |
VCID-8shb-t5zp-rqbu |
| summary |
Magento Improper Access Control leads to Security feature bypass
Magento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-27190, GHSA-6wq7-cg9h-mj6q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8shb-t5zp-rqbu |
|
| 16 |
| url |
VCID-9vrt-uccb-myev |
| vulnerability_id |
VCID-9vrt-uccb-myev |
| summary |
Magento Improper Authorization Leading to Security feature bypass
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39415, GHSA-gj93-84g5-mcjq
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9vrt-uccb-myev |
|
| 17 |
| url |
VCID-a9b6-tenb-afdw |
| vulnerability_id |
VCID-a9b6-tenb-afdw |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24416, GHSA-rjjw-g6hw-7pc9
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a9b6-tenb-afdw |
|
| 18 |
| url |
VCID-ayfe-5a7g-u7b7 |
| vulnerability_id |
VCID-ayfe-5a7g-u7b7 |
| summary |
Magento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34102, GHSA-m8cj-3v68-3cxj
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| url |
VCID-b3cn-pjp3-4yhm |
| vulnerability_id |
VCID-b3cn-pjp3-4yhm |
| summary |
Magento Business Logic Error vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24425, GHSA-6ff8-jrfg-43hh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b3cn-pjp3-4yhm |
|
| 20 |
| url |
VCID-b9ry-u6qy-j7cc |
| vulnerability_id |
VCID-b9ry-u6qy-j7cc |
| summary |
Magento Improper Authorization leads to Security feature bypass
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39417, GHSA-4xmj-f664-hv98
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ry-u6qy-j7cc |
|
| 21 |
| url |
VCID-bch8-kq49-skhm |
| vulnerability_id |
VCID-bch8-kq49-skhm |
| summary |
Magento Open Source reflected Cross-Site Scripting (XSS) vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45123, GHSA-88x2-cq34-5fwc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bch8-kq49-skhm |
|
| 22 |
| url |
VCID-bera-73sm-bbh7 |
| vulnerability_id |
VCID-bera-73sm-bbh7 |
| summary |
Magento Open Source Incorrect Authorization vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to gain unauthorized access or perform actions with the privileges of another user. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34106, GHSA-p6h9-gx5g-wg64
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bera-73sm-bbh7 |
|
| 23 |
| url |
VCID-bkpz-ratd-e7ab |
| vulnerability_id |
VCID-bkpz-ratd-e7ab |
| summary |
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
| reference_url |
https://helpx.adobe.com/security/products/magento/apsb24-61.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:47Z/ |
|
|
| url |
https://helpx.adobe.com/security/products/magento/apsb24-61.html |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39410, GHSA-4323-f82v-f6jr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bkpz-ratd-e7ab |
|
| 24 |
| url |
VCID-bzyh-c5tm-j7dn |
| vulnerability_id |
VCID-bzyh-c5tm-j7dn |
| summary |
Magento Open Source Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
4.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34105, GHSA-5632-wq7m-gfq9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bzyh-c5tm-j7dn |
|
| 25 |
| url |
VCID-c4ms-3und-c7d1 |
| vulnerability_id |
VCID-c4ms-3und-c7d1 |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker with a low privilege account could leverage this vulnerability to perform an account takeover for a victim. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34255, GHSA-x95x-f4g9-mm85
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ms-3und-c7d1 |
|
| 26 |
| url |
VCID-cafy-5dd8-rudj |
| vulnerability_id |
VCID-cafy-5dd8-rudj |
| summary |
Magento allows incorrect authorization
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54265, GHSA-r355-75hw-r8jf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cafy-5dd8-rudj |
|
| 27 |
| url |
VCID-ccx1-qacj-2qev |
| vulnerability_id |
VCID-ccx1-qacj-2qev |
| summary |
Magento Community Edition Improper Input Validation vulnerability
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact to high. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.5-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 1 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 2 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 3 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 4 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 5 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 6 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 7 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 8 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 9 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 10 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 11 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 12 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 13 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 14 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 15 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 16 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 17 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 18 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 19 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 20 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 23 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 24 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 25 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 26 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 27 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 28 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 29 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 30 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 31 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 32 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 33 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 34 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 35 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 36 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 37 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 38 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 39 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 40 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 41 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 42 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 43 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 44 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 45 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 46 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 47 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 48 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 49 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 50 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 51 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 52 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 53 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 54 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 55 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 56 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 57 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 58 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 59 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 60 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 61 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p2 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.6-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 26 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 27 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 28 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 29 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 30 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 31 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 32 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 33 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 34 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 35 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 36 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 37 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 38 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 39 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 40 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 41 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 42 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 43 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 44 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 45 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 46 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 51 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 52 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 55 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 56 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 57 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 58 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 74 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 75 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 76 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 77 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 78 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 79 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 80 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 81 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 82 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 83 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 84 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 85 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 86 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 87 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p2 |
|
|
| aliases |
CVE-2025-54236, GHSA-wh92-6q6g-px7j
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ccx1-qacj-2qev |
|
| 28 |
| url |
VCID-cm2a-1yc5-v3cy |
| vulnerability_id |
VCID-cm2a-1yc5-v3cy |
| summary |
Magento has incorrect authorization issue that leads to arbitrary file system read
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction, and scope is unchanged. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49556, GHSA-7hrj-3c9x-xv5h
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cm2a-1yc5-v3cy |
|
| 29 |
| url |
VCID-cqjn-3z6n-sff1 |
| vulnerability_id |
VCID-cqjn-3z6n-sff1 |
| summary |
Magento Improper Authorization leads to Security feature bypass
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39416, GHSA-4xgg-rw35-7mv5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cqjn-3z6n-sff1 |
|
| 30 |
| url |
VCID-d6mk-hg8h-7qbc |
| vulnerability_id |
VCID-d6mk-hg8h-7qbc |
| summary |
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24432, GHSA-7jmr-43qj-pw47
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d6mk-hg8h-7qbc |
|
| 31 |
| url |
VCID-dj5a-35gt-u7dn |
| vulnerability_id |
VCID-dj5a-35gt-u7dn |
| summary |
Magento vulnerable to privilege escalation due to incorrect authorization
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54267, GHSA-qvwr-p3hj-j6jf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dj5a-35gt-u7dn |
|
| 32 |
| url |
VCID-du16-f2wp-t3cw |
| vulnerability_id |
VCID-du16-f2wp-t3cw |
| summary |
Magento Open Source Improper Authorization vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39412, GHSA-7472-vw39-g2j3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-du16-f2wp-t3cw |
|
| 33 |
| url |
VCID-dur2-pfke-h7hf |
| vulnerability_id |
VCID-dur2-pfke-h7hf |
| summary |
Magento Open Source Improper Access Control vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34107, GHSA-r7cm-g469-wm4g
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dur2-pfke-h7hf |
|
| 34 |
| url |
VCID-e7zd-dn28-4bf1 |
| vulnerability_id |
VCID-e7zd-dn28-4bf1 |
| summary |
Magento Open Source Improper Authentication vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the application. Exploitation of this issue does not require user interaction, but attack complexity is high. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34103, GHSA-f7q4-9gwv-6774
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e7zd-dn28-4bf1 |
|
| 35 |
| url |
VCID-eahe-s41f-ckc1 |
| vulnerability_id |
VCID-eahe-s41f-ckc1 |
| summary |
Magento Open Source Cross-Site Scripting (XSS) vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin attacker can trick a user into clicking a specially crafted link or submitting a form, malicious scripts may be executed within the context of the victim's browser and have high impact on confidentiality and integrity. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N |
|
| 1 |
| value |
6.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45116, GHSA-873m-72g6-853g
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eahe-s41f-ckc1 |
|
| 36 |
| url |
VCID-egy6-nku7-zyap |
| vulnerability_id |
VCID-egy6-nku7-zyap |
| summary |
Magento Improper Access Control leads to Security feature bypass
Magento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-27191, GHSA-vhcq-4xrm-2cr2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-egy6-nku7-zyap |
|
| 37 |
| url |
VCID-evth-swm9-k3de |
| vulnerability_id |
VCID-evth-swm9-k3de |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45121, GHSA-2qhq-fw98-h6wg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-evth-swm9-k3de |
|
| 38 |
| url |
VCID-eygc-ra9u-gyej |
| vulnerability_id |
VCID-eygc-ra9u-gyej |
| summary |
Magento Cross-Site Request Forgery (CSRF) vulnerability
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege escalation. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated, potentially allowing unauthorized access or modification of sensitive data. Exploitation of this issue requires user interaction in that a victim must visit a malicious website or click on a crafted link. Scope is changed. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49555, GHSA-5777-jj7p-mpqw
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eygc-ra9u-gyej |
|
| 39 |
| url |
VCID-fyh6-gupt-eqgm |
| vulnerability_id |
VCID-fyh6-gupt-eqgm |
| summary |
Magento Open Source has Improper Access Control vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to leak minor information of another user's account details. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 38 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 39 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 40 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 41 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 42 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 43 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 44 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 45 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 46 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 47 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 58 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 59 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 72 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 73 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 74 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 75 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 76 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 77 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 78 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 79 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 80 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 81 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 82 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 83 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 84 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 85 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 86 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 87 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 88 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 89 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 90 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 91 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 92 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 93 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 94 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 95 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 96 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 97 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 98 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 99 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 100 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 101 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 102 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 103 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 104 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 105 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 106 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 107 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 108 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 109 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 110 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 111 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 112 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 113 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 114 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 115 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 116 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 117 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 118 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 119 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 120 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 121 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 122 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 123 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 124 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 125 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 126 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 127 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 128 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 129 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 130 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 131 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 132 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 133 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 134 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 135 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 136 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-35692, GHSA-gm4m-9rm8-7rxj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fyh6-gupt-eqgm |
|
| 40 |
| url |
VCID-fz5y-um7w-63f4 |
| vulnerability_id |
VCID-fz5y-um7w-63f4 |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24410, GHSA-gjxp-46rq-wg4q
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fz5y-um7w-63f4 |
|
| 41 |
| url |
VCID-fzm9-e6bg-r7aw |
| vulnerability_id |
VCID-fzm9-e6bg-r7aw |
| summary |
Magento Cross-site Scripting vulnerability
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. These scripts may be used to escalate privileges within the application or compromise sensitive user data. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.4-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 8 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 9 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 10 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 11 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 12 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 13 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 14 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 15 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 16 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 21 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 22 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 25 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 26 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 27 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 28 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 29 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 30 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 31 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 32 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 33 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 34 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 35 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 36 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 37 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 40 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 41 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 42 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 43 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 44 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 45 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 46 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 47 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 48 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 49 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 50 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 51 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 52 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 53 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 54 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 55 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 56 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2025-49557, GHSA-8mq8-c243-2335
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fzm9-e6bg-r7aw |
|
| 42 |
| url |
VCID-gedj-39p5-ubd6 |
| vulnerability_id |
VCID-gedj-39p5-ubd6 |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24413, GHSA-xwgx-8v72-4j5j
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gedj-39p5-ubd6 |
|
| 43 |
| url |
VCID-gxj9-a1hc-47de |
| vulnerability_id |
VCID-gxj9-a1hc-47de |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45118, GHSA-cg52-68fv-94qq
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gxj9-a1hc-47de |
|
| 44 |
| url |
VCID-hbau-7tvg-cygz |
| vulnerability_id |
VCID-hbau-7tvg-cygz |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24429, GHSA-656q-fx2w-8ccv
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hbau-7tvg-cygz |
|
| 45 |
| url |
VCID-hd53-pxmk-ruap |
| vulnerability_id |
VCID-hd53-pxmk-ruap |
| summary |
Magento Open Source allows Stored Cross-Site Scripting (Stored XSS)
Adobe Commerce versions 2.4.3-p3 (and earlier), 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
10.0 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
|
| 1 |
| value |
7.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
| reference_url |
https://helpx.adobe.com/security/products/magento/apsb22-48.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
10 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
|
| 1 |
| value |
10.0 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
|
| 2 |
| value |
7.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:24Z/ |
|
|
| url |
https://helpx.adobe.com/security/products/magento/apsb22-48.html |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 8 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 9 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 10 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 11 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 12 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 13 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 14 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 15 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 16 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 21 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 22 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 25 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 26 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 27 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 28 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 29 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 30 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 31 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 32 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 33 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 34 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 35 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 36 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 37 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 40 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 41 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 42 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 43 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 44 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 45 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 46 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 47 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 48 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 49 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 50 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 51 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 52 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 53 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 54 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 55 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 56 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 10 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 11 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 12 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 13 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 14 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 15 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 16 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 37 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 38 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 39 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 40 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 41 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 42 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 43 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 44 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 45 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 46 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 47 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 48 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 49 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 50 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 51 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 52 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 53 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 54 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 55 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 56 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 57 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 62 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 63 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 64 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 65 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 66 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 67 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p1 |
|
|
| aliases |
CVE-2022-35698, GHSA-4vj2-426r-jm3g
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hd53-pxmk-ruap |
|
| 46 |
| url |
VCID-hfbb-ax6r-tbaz |
| vulnerability_id |
VCID-hfbb-ax6r-tbaz |
| summary |
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted request to the server, which could then cause the server to execute arbitrary code. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34111, GHSA-jmqp-r3gg-6jh3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hfbb-ax6r-tbaz |
|
| 47 |
| url |
VCID-hq7k-qz7g-4bc2 |
| vulnerability_id |
VCID-hq7k-qz7g-4bc2 |
| summary |
Magento Path Traversal vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34254, GHSA-fx9g-g9q6-x3jx
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| url |
VCID-j6ss-8f4e-e7g2 |
| vulnerability_id |
VCID-j6ss-8f4e-e7g2 |
| summary |
Magento does not properly protect credentials
Magento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass. A high privileged attacker could exploit this vulnerability to gain unauthorized access to protected resources by obtaining sensitive credential information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-27192, GHSA-2r94-wm5v-4prx
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| url |
VCID-jr49-4fs3-8qcp |
| vulnerability_id |
VCID-jr49-4fs3-8qcp |
| summary |
Improper Authorization vulnerability in Magento and Adobe Commerce
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24434, GHSA-fppq-f2m6-xv5c
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jr49-4fs3-8qcp |
|
| 50 |
| url |
VCID-kezx-5nw5-hfen |
| vulnerability_id |
VCID-kezx-5nw5-hfen |
| summary |
Magento Improper Access Control Leads to Privilege escalation
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39414, GHSA-x6f9-hv9r-fgq4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kezx-5nw5-hfen |
|
| 51 |
| url |
VCID-kje4-asu6-dfg2 |
| vulnerability_id |
VCID-kje4-asu6-dfg2 |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45129, GHSA-m58h-998x-66f3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kje4-asu6-dfg2 |
|
| 52 |
| url |
VCID-kq4m-anrt-rugn |
| vulnerability_id |
VCID-kq4m-anrt-rugn |
| summary |
Magento Open Source Improper Authorization vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34104, GHSA-wwj3-573j-rvvm
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kq4m-anrt-rugn |
|
| 53 |
| url |
VCID-kuzc-uv5b-v7an |
| vulnerability_id |
VCID-kuzc-uv5b-v7an |
| summary |
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39409, GHSA-rf4q-m23c-7q8r
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kuzc-uv5b-v7an |
|
| 54 |
| url |
VCID-kyvw-d4e8-1fd4 |
| vulnerability_id |
VCID-kyvw-d4e8-1fd4 |
| summary |
Magento XML Injection vulnerability in the Widgets Module
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34253, GHSA-cj7w-pm77-hvg6
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| url |
VCID-md7v-w5aq-t7h1 |
| vulnerability_id |
VCID-md7v-w5aq-t7h1 |
| summary |
Magento Security feature bypass
Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue requires user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
| 4 |
|
|
| aliases |
CVE-2025-49550, GHSA-8hcx-xvww-6c6h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-md7v-w5aq-t7h1 |
|
| 56 |
| url |
VCID-mhvf-2keh-2qar |
| vulnerability_id |
VCID-mhvf-2keh-2qar |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24417, GHSA-g3j6-9753-8mp2
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mhvf-2keh-2qar |
|
| 57 |
| url |
VCID-mjb6-7au8-5fdx |
| vulnerability_id |
VCID-mjb6-7au8-5fdx |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24414, GHSA-fhw6-3mj5-w9gv
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mjb6-7au8-5fdx |
|
| 58 |
| url |
VCID-mzsj-dck5-pqc5 |
| vulnerability_id |
VCID-mzsj-dck5-pqc5 |
| summary |
Magento stored Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker with admin privileges to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34258, GHSA-5m55-g8pv-x8ww
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mzsj-dck5-pqc5 |
|
| 59 |
| url |
VCID-ns8t-vtcn-aqh4 |
| vulnerability_id |
VCID-ns8t-vtcn-aqh4 |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45149, GHSA-w7rg-7wq2-pjrw
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ns8t-vtcn-aqh4 |
|
| 60 |
| url |
VCID-pxxm-ce8x-abdq |
| vulnerability_id |
VCID-pxxm-ce8x-abdq |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34259, GHSA-9wjf-94h3-r4rh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pxxm-ce8x-abdq |
|
| 61 |
| url |
VCID-qgpx-hgzu-5qgp |
| vulnerability_id |
VCID-qgpx-hgzu-5qgp |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45122, GHSA-46fm-x82m-5f74
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qgpx-hgzu-5qgp |
|
| 62 |
| url |
VCID-qp7s-amch-v3cd |
| vulnerability_id |
VCID-qp7s-amch-v3cd |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to modify limited fields. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24435, GHSA-82p4-55gj-956p
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qp7s-amch-v3cd |
|
| 63 |
| url |
VCID-qrwc-3gsb-zkfy |
| vulnerability_id |
VCID-qrwc-3gsb-zkfy |
| summary |
Magento provides incorrect authorization through a security feature bypass
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54263, GHSA-69x9-xp2j-w8g8
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qrwc-3gsb-zkfy |
|
| 64 |
| url |
VCID-qzqd-271b-ybfj |
| vulnerability_id |
VCID-qzqd-271b-ybfj |
| summary |
Magento Information Exposure vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24408, GHSA-3cfg-w257-cgf8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qzqd-271b-ybfj |
|
| 65 |
| url |
VCID-r4bw-w4t9-23ek |
| vulnerability_id |
VCID-r4bw-w4t9-23ek |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24427, GHSA-v3hq-g424-5mgg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r4bw-w4t9-23ek |
|
| 66 |
| url |
VCID-rduw-apr6-4fdu |
| vulnerability_id |
VCID-rduw-apr6-4fdu |
| summary |
Magento Open Source Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
2.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45135, GHSA-8pxg-gcp4-57ww
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rduw-apr6-4fdu |
|
| 67 |
| url |
VCID-re84-qg3k-3ub3 |
| vulnerability_id |
VCID-re84-qg3k-3ub3 |
| summary |
Adobe Commerce Path Traversal
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24406, GHSA-954p-ff72-327w
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-re84-qg3k-3ub3 |
|
| 68 |
| url |
VCID-rxac-w9pd-aqe1 |
| vulnerability_id |
VCID-rxac-w9pd-aqe1 |
| summary |
Magento Open Source Improper Authorization vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality and integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45131, GHSA-xc5p-773w-m3pm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rxac-w9pd-aqe1 |
|
| 69 |
| url |
VCID-s4bp-kzfu-8qfy |
| vulnerability_id |
VCID-s4bp-kzfu-8qfy |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24412, GHSA-m4rg-mpp2-97px
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s4bp-kzfu-8qfy |
|
| 70 |
| url |
VCID-scg7-ugdn-53b9 |
| vulnerability_id |
VCID-scg7-ugdn-53b9 |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24424, GHSA-539v-w87w-w62c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-scg7-ugdn-53b9 |
|
| 71 |
| url |
VCID-shfz-pxan-v3ar |
| vulnerability_id |
VCID-shfz-pxan-v3ar |
| summary |
Magento Open Source Cross-Site Request Forgery vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39408, GHSA-4cj6-f32v-6hgx
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-shfz-pxan-v3ar |
|
| 72 |
| url |
VCID-tc3m-4bkg-qkcf |
| vulnerability_id |
VCID-tc3m-4bkg-qkcf |
| summary |
Magento Improper Authorization leading to security feature bypass
Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access leading to a limited impact to confidentiality and a high impact to integrity. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
| 4 |
|
|
| aliases |
CVE-2025-43585, GHSA-r487-9vv5-75gg
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tc3m-4bkg-qkcf |
|
| 73 |
| url |
VCID-te3b-exz5-zke1 |
| vulnerability_id |
VCID-te3b-exz5-zke1 |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24415, GHSA-gc27-rvvm-q77r
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-te3b-exz5-zke1 |
|
| 74 |
| url |
VCID-th7y-aj51-mbaj |
| vulnerability_id |
VCID-th7y-aj51-mbaj |
| summary |
Magento vulnerable to stored Cross-Site Scripting (XSS)
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54264, GHSA-2768-5wmv-cfff
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-th7y-aj51-mbaj |
|
| 75 |
| url |
VCID-tvz9-8s4d-gbg6 |
| vulnerability_id |
VCID-tvz9-8s4d-gbg6 |
| summary |
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24430, GHSA-6w27-c66f-gvhq
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tvz9-8s4d-gbg6 |
|
| 76 |
| url |
VCID-txb3-ez5r-r7ek |
| vulnerability_id |
VCID-txb3-ez5r-r7ek |
| summary |
Magento Open Source Improper Input Validation vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L |
|
| 1 |
| value |
6.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45117, GHSA-3fr3-gcqh-3m2g
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-txb3-ez5r-r7ek |
|
| 77 |
| url |
VCID-tzug-ckkn-dyft |
| vulnerability_id |
VCID-tzug-ckkn-dyft |
| summary |
Magento vulnerable to denial of service
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49554, GHSA-xgfm-992v-h2hr
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tzug-ckkn-dyft |
|
| 78 |
| url |
VCID-ugyc-gehq-rudu |
| vulnerability_id |
VCID-ugyc-gehq-rudu |
| summary |
Magento Open Source Incorrect Authorization vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45125, GHSA-xg36-8c2v-jpxh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ugyc-gehq-rudu |
|
| 79 |
| url |
VCID-vcdk-gdky-7fdg |
| vulnerability_id |
VCID-vcdk-gdky-7fdg |
| summary |
Magento stored Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34257, GHSA-rg7p-wmgj-f374
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vcdk-gdky-7fdg |
|
| 80 |
| url |
VCID-vp8y-y64r-wkc9 |
| vulnerability_id |
VCID-vp8y-y64r-wkc9 |
| summary |
Magento Improper Authorization vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34256, GHSA-r7mm-grf3-5fjv
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vp8y-y64r-wkc9 |
|
| 81 |
| url |
VCID-vu36-a1g1-nugt |
| vulnerability_id |
VCID-vu36-a1g1-nugt |
| summary |
Magento Open Source Improper Authorization vulnerability
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect confidentiality. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45132, GHSA-5f64-ppmg-cvvm
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vu36-a1g1-nugt |
|
| 82 |
| url |
VCID-vx13-4b1d-wbgp |
| vulnerability_id |
VCID-vx13-4b1d-wbgp |
| summary |
Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
| reference_url |
https://helpx.adobe.com/security/products/magento/apsb24-73.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:07Z/ |
|
|
| url |
https://helpx.adobe.com/security/products/magento/apsb24-73.html |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45120, GHSA-47jp-46c9-25vf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vx13-4b1d-wbgp |
|
| 83 |
| url |
VCID-wvyx-2bbb-9yf7 |
| vulnerability_id |
VCID-wvyx-2bbb-9yf7 |
| summary |
Magento Open Source Information Exposure vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
2.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45133, GHSA-j3mh-wx5f-2vhg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wvyx-2bbb-9yf7 |
|
| 84 |
| url |
VCID-wzu6-rbsv-mkde |
| vulnerability_id |
VCID-wzu6-rbsv-mkde |
| summary |
Magento vulnerable to path traversal
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49559, GHSA-h4f4-gv6h-x824
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wzu6-rbsv-mkde |
|
| 85 |
| url |
VCID-xfvu-2zg4-ruf6 |
| vulnerability_id |
VCID-xfvu-2zg4-ruf6 |
| summary |
Magento Improper Authorization vulnerability
Magento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2025-27188, GHSA-rr2g-rrjj-xw86
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xfvu-2zg4-ruf6 |
|
| 86 |
| url |
VCID-xk5y-7a1w-zba9 |
| vulnerability_id |
VCID-xk5y-7a1w-zba9 |
| summary |
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45119, GHSA-g9fm-wc6h-pvgj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5y-7a1w-zba9 |
|
| 87 |
| url |
VCID-xsq8-ztqh-ubb8 |
| vulnerability_id |
VCID-xsq8-ztqh-ubb8 |
| summary |
Magento stored Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24438, GHSA-8884-7rm9-mrx4
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xsq8-ztqh-ubb8 |
|
| 88 |
| url |
VCID-y1v3-9tyq-uqhd |
| vulnerability_id |
VCID-y1v3-9tyq-uqhd |
| summary |
Magento Open Source Information Exposure vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
2.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45134, GHSA-4f89-5cwm-rm5g
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y1v3-9tyq-uqhd |
|
| 89 |
| url |
VCID-y4u6-cy8y-hyae |
| vulnerability_id |
VCID-y4u6-cy8y-hyae |
| summary |
Magento Open Source Path Traversal vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39406, GHSA-6pxh-2557-5cj5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y4u6-cy8y-hyae |
|
| 90 |
| url |
VCID-y7x4-664r-3fbk |
| vulnerability_id |
VCID-y7x4-664r-3fbk |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24436, GHSA-ghpr-6qhr-rpp8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y7x4-664r-3fbk |
|
| 91 |
| url |
VCID-y93w-2qcc-wqg8 |
| vulnerability_id |
VCID-y93w-2qcc-wqg8 |
| summary |
Magento Open Source affected by Improper Input Validation
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
| reference_url |
https://helpx.adobe.com/security/products/magento/apsb22-13.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
|
| 2 |
| value |
6.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T21:51:54Z/ |
|
|
| url |
https://helpx.adobe.com/security/products/magento/apsb22-13.html |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 38 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 39 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 40 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 41 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 42 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 43 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 44 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 45 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 46 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 47 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 58 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 59 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 72 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 73 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 74 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 75 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 76 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 77 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 78 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 79 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 80 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 81 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 82 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 83 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 84 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 85 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 86 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 87 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 88 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 89 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 90 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 91 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 92 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 93 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 94 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 95 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 96 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 97 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 98 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 99 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 100 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 101 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 102 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 103 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 104 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 105 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 106 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 107 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 108 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 109 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 110 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 111 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 112 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 113 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 114 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 115 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 116 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 117 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 118 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 119 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 120 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 121 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 122 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 123 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 124 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 125 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 126 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 127 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 128 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 129 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 130 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 131 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 132 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 133 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 134 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 135 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 136 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1 |
|
|
| aliases |
CVE-2022-24093, GHSA-5xmp-7wg5-x68q
|
| risk_score |
3.2 |
| exploitability |
0.5 |
| weighted_severity |
6.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y93w-2qcc-wqg8 |
|
| 92 |
| url |
VCID-yyq6-dvyx-3bb9 |
| vulnerability_id |
VCID-yyq6-dvyx-3bb9 |
| summary |
Magento vulnerable to stored Cross-Site Scripting (XSS)
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54266, GHSA-pcrx-r49h-x2w5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yyq6-dvyx-3bb9 |
|
| 93 |
| url |
VCID-z2v2-n138-6ydv |
| vulnerability_id |
VCID-z2v2-n138-6ydv |
| summary |
Magento Open Source stored Cross-Site Scripting (XSS) vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
4.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45127, GHSA-c89g-gq5r-2xw2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z2v2-n138-6ydv |
|
| 94 |
| url |
VCID-zdpz-8tc2-6kah |
| vulnerability_id |
VCID-zdpz-8tc2-6kah |
| summary |
Magento Open Source Improper Authorization vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45128, GHSA-qpp7-742q-58j3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zdpz-8tc2-6kah |
|