Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/67778?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/67778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p7", "type": "composer", "namespace": "magento", "name": "community-edition", "version": "2.4.4-p7", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.4.6-p13", "latest_non_vulnerable_version": "2.4.9-alpha3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/255637?format=api", "vulnerability_id": "VCID-1yj1-79jb-wyht", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34104", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.70281", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34104" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:48:20Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34104", "reference_id": "CVE-2024-34104", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34104" }, { "reference_url": "https://github.com/advisories/GHSA-wwj3-573j-rvvm", "reference_id": "GHSA-wwj3-573j-rvvm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wwj3-573j-rvvm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81755?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/81754?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/81756?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34104", "GHSA-wwj3-573j-rvvm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1yj1-79jb-wyht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20438?format=api", "vulnerability_id": "VCID-2495-ugn7-v7fk", "summary": "Magento vulnerable to stored Cross-Site Scripting (XSS)\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18113", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54266" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:24:32Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54266", "reference_id": "CVE-2025-54266", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54266" }, { "reference_url": "https://github.com/advisories/GHSA-pcrx-r49h-x2w5", "reference_id": "GHSA-pcrx-r49h-x2w5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pcrx-r49h-x2w5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/69659?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/69658?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/69657?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/69656?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54266", "GHSA-pcrx-r49h-x2w5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2495-ugn7-v7fk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/299805?format=api", "vulnerability_id": "VCID-3jns-w9p4-jyca", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.6954", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43585" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T17:23:05Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43585", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43585" }, { "reference_url": "https://github.com/advisories/GHSA-r487-9vv5-75gg", "reference_id": "GHSA-r487-9vv5-75gg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-r487-9vv5-75gg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/195788?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/195787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/69653?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/69655?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-43585", "GHSA-r487-9vv5-75gg" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3jns-w9p4-jyca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302978?format=api", "vulnerability_id": "VCID-53d5-qzm4-vfgs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49555", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29366", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49555" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49555", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49555" }, { "reference_url": "https://github.com/advisories/GHSA-5777-jj7p-mpqw", "reference_id": "GHSA-5777-jj7p-mpqw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5777-jj7p-mpqw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/194770?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/194769?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/194768?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/194767?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194766?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49555", "GHSA-5777-jj7p-mpqw" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-53d5-qzm4-vfgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/255638?format=api", "vulnerability_id": "VCID-6srg-smmw-hycj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01961", "scoring_system": "epss", "scoring_elements": "0.83806", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34105" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:04:12Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34105", "reference_id": "CVE-2024-34105", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34105" }, { "reference_url": "https://github.com/advisories/GHSA-5632-wq7m-gfq9", "reference_id": "GHSA-5632-wq7m-gfq9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5632-wq7m-gfq9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81755?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/81754?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/81756?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34105", "GHSA-5632-wq7m-gfq9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6srg-smmw-hycj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20439?format=api", "vulnerability_id": "VCID-9gte-ub5c-mqas", "summary": "Magento allows incorrect authorization\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54265", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29601", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54265" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:35:42Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54265", "reference_id": "CVE-2025-54265", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54265" }, { "reference_url": "https://github.com/advisories/GHSA-r355-75hw-r8jf", "reference_id": "GHSA-r355-75hw-r8jf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r355-75hw-r8jf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/69659?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/69658?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/69657?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/69656?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54265", "GHSA-r355-75hw-r8jf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gte-ub5c-mqas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/306331?format=api", "vulnerability_id": "VCID-a9hc-nhv2-7ubx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54236", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.72152", "scoring_system": "epss", "scoring_elements": "0.98776", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54236" }, { "reference_url": "https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-88.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-10-24T14:08:30Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-88.html" }, { "reference_url": "https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54236", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54236" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236" }, { "reference_url": "https://github.com/advisories/GHSA-wh92-6q6g-px7j", "reference_id": "GHSA-wh92-6q6g-px7j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wh92-6q6g-px7j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63237?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1xvu-3fjk-t7ay" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-1yr5-8e84-cyf5" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-389t-bp5k-yqbw" }, { "vulnerability": "VCID-3d83-1r55-uqfb" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-4rga-e18t-myh6" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-6gue-nxx5-u3h6" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-8wm3-xqbd-zqf5" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9u6k-hbxd-8bds" }, { "vulnerability": "VCID-9v4c-gauv-wyh2" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-b6wy-nzzg-k3em" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-de3q-b1v4-bybu" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-kj9m-ccf8-gyep" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rmqf-8w57-uydk" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ub5g-fuqv-xqej" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-xhej-jypg-7fah" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/65313?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-16x4-fjuv-hbc4" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-c7rf-4ky3-tyev" }, { "vulnerability": "VCID-ca94-mqq1-jyaz" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-whzv-vgev-rqd4" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p2" } ], "aliases": [ "CVE-2025-54236", "GHSA-wh92-6q6g-px7j" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9hc-nhv2-7ubx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302979?format=api", "vulnerability_id": "VCID-annu-j9a3-xkhs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50185", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49556" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:25Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49556", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49556" }, { "reference_url": "https://github.com/advisories/GHSA-7hrj-3c9x-xv5h", "reference_id": "GHSA-7hrj-3c9x-xv5h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7hrj-3c9x-xv5h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/194770?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/194769?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/194768?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/194767?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194766?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49556", "GHSA-7hrj-3c9x-xv5h" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-annu-j9a3-xkhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20443?format=api", "vulnerability_id": "VCID-d372-f5hu-1bhr", "summary": "Magento provides incorrect authorization through a security feature bypass\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25901", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54263" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54263", "reference_id": "CVE-2025-54263", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54263" }, { "reference_url": "https://github.com/advisories/GHSA-69x9-xp2j-w8g8", "reference_id": "GHSA-69x9-xp2j-w8g8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-69x9-xp2j-w8g8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/69659?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/69658?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/69657?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/69656?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54263", "GHSA-69x9-xp2j-w8g8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d372-f5hu-1bhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302972?format=api", "vulnerability_id": "VCID-gyd8-hu6s-wkgt", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66881", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49549" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:12:28Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49549", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49549" }, { "reference_url": "https://github.com/advisories/GHSA-85jx-x9r4-45m2", "reference_id": "GHSA-85jx-x9r4-45m2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-85jx-x9r4-45m2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/195788?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/195787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/69653?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/69655?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-49549", "GHSA-85jx-x9r4-45m2" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gyd8-hu6s-wkgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20442?format=api", "vulnerability_id": "VCID-hbre-ty72-g7gy", "summary": "Magento vulnerable to stored Cross-Site Scripting (XSS)\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24578", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54264" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:28Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54264", "reference_id": "CVE-2025-54264", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54264" }, { "reference_url": "https://github.com/advisories/GHSA-2768-5wmv-cfff", "reference_id": "GHSA-2768-5wmv-cfff", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2768-5wmv-cfff" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/69659?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/69658?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/69657?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/69656?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54264", "GHSA-2768-5wmv-cfff" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hbre-ty72-g7gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19871?format=api", "vulnerability_id": "VCID-hwb9-yxzn-zub5", "summary": "Magento Open Source allows Cross-Site Scripting (XSS)\nAdobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Confidentiality and integrity are considered high due to having admin impact.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20759", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01627", "scoring_system": "epss", "scoring_elements": "0.82182", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20759" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-18.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:07Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-18.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20759", "reference_id": "CVE-2024-20759", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20759" }, { "reference_url": "https://github.com/advisories/GHSA-59vf-hjxc-f9c5", "reference_id": "GHSA-59vf-hjxc-f9c5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-59vf-hjxc-f9c5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/68502?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/68501?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/68500?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/66132?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7" } ], "aliases": [ "CVE-2024-20759", "GHSA-59vf-hjxc-f9c5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hwb9-yxzn-zub5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/255639?format=api", "vulnerability_id": "VCID-k55s-dcep-mbbk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.71275", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34106" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:21:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34106", "reference_id": "CVE-2024-34106", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34106" }, { "reference_url": "https://github.com/advisories/GHSA-p6h9-gx5g-wg64", "reference_id": "GHSA-p6h9-gx5g-wg64", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p6h9-gx5g-wg64" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81755?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/81754?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/81756?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34106", "GHSA-p6h9-gx5g-wg64" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k55s-dcep-mbbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/289955?format=api", "vulnerability_id": "VCID-mgk4-9tan-a7fj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72444", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27206" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T18:08:33Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27206", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27206" }, { "reference_url": "https://github.com/advisories/GHSA-g2pj-xmxq-3r9q", "reference_id": "GHSA-g2pj-xmxq-3r9q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-g2pj-xmxq-3r9q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/195788?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/195787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/69653?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/69655?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-27206", "GHSA-g2pj-xmxq-3r9q" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgk4-9tan-a7fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/255640?format=api", "vulnerability_id": "VCID-mgxx-zdm4-9fe7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.72972", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34107" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:30:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34107", "reference_id": "CVE-2024-34107", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34107" }, { "reference_url": "https://github.com/advisories/GHSA-r7cm-g469-wm4g", "reference_id": "GHSA-r7cm-g469-wm4g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r7cm-g469-wm4g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81755?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/81754?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/81756?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34107", "GHSA-r7cm-g469-wm4g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgxx-zdm4-9fe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19848?format=api", "vulnerability_id": "VCID-pqpk-dh2p-4yc8", "summary": "Magento Open Source allows Improper Input Validation\nAdobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but the attack complexity is high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02201", "scoring_system": "epss", "scoring_elements": "0.84703", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20758" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-18.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:06Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-18.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20758", "reference_id": "CVE-2024-20758", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "8.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20758" }, { "reference_url": "https://github.com/advisories/GHSA-wh4m-6rh3-p4rq", "reference_id": "GHSA-wh4m-6rh3-p4rq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wh4m-6rh3-p4rq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/68502?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/68501?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/68500?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/66132?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7" } ], "aliases": [ "CVE-2024-20758", "GHSA-wh4m-6rh3-p4rq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pqpk-dh2p-4yc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/255636?format=api", "vulnerability_id": "VCID-rv3b-5ja1-dkdv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01824", "scoring_system": "epss", "scoring_elements": "0.83204", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34103" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34103", "reference_id": "CVE-2024-34103", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34103" }, { "reference_url": "https://github.com/advisories/GHSA-f7q4-9gwv-6774", "reference_id": "GHSA-f7q4-9gwv-6774", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f7q4-9gwv-6774" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81755?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/81754?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/81756?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34103", "GHSA-f7q4-9gwv-6774" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rv3b-5ja1-dkdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20445?format=api", "vulnerability_id": "VCID-tk7j-4vsm-e7c6", "summary": "Magento vulnerable to privilege escalation due to incorrect authorization\nMagento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20459", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54267" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-16T03:56:04Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54267", "reference_id": "CVE-2025-54267", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54267" }, { "reference_url": "https://github.com/advisories/GHSA-qvwr-p3hj-j6jf", "reference_id": "GHSA-qvwr-p3hj-j6jf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qvwr-p3hj-j6jf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/69659?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/69658?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/69657?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/69656?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54267", "GHSA-qvwr-p3hj-j6jf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tk7j-4vsm-e7c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302977?format=api", "vulnerability_id": "VCID-vjad-xkj2-nygh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49554", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52607", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49554" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:27Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49554", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49554" }, { "reference_url": "https://github.com/advisories/GHSA-xgfm-992v-h2hr", "reference_id": "GHSA-xgfm-992v-h2hr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-xgfm-992v-h2hr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/194770?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/194769?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/194768?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/194767?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194766?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49554", "GHSA-xgfm-992v-h2hr" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vjad-xkj2-nygh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302981?format=api", "vulnerability_id": "VCID-weqh-3ye3-nbbp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66502", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49558" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:13Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49558", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49558" }, { "reference_url": "https://github.com/advisories/GHSA-wcmw-8xpp-rwfj", "reference_id": "GHSA-wcmw-8xpp-rwfj", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wcmw-8xpp-rwfj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/194770?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/194769?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/194768?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/194767?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194766?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49558", "GHSA-wcmw-8xpp-rwfj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-weqh-3ye3-nbbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302982?format=api", "vulnerability_id": "VCID-yjgp-6ntk-xbc3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69477", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49559" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:14Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49559", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49559" }, { "reference_url": "https://github.com/advisories/GHSA-h4f4-gv6h-x824", "reference_id": "GHSA-h4f4-gv6h-x824", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-h4f4-gv6h-x824" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/194770?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/194769?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/194768?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/194767?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/194766?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49559", "GHSA-h4f4-gv6h-x824" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yjgp-6ntk-xbc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/301158?format=api", "vulnerability_id": "VCID-yzdu-4cnk-5uft", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72534", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47110" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-10T18:09:25Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47110", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47110" }, { "reference_url": "https://github.com/advisories/GHSA-j934-vjh5-vf9r", "reference_id": "GHSA-j934-vjh5-vf9r", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-j934-vjh5-vf9r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/195788?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/195787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/196023?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/69655?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-47110", "GHSA-j934-vjh5-vf9r" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yzdu-4cnk-5uft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/255635?format=api", "vulnerability_id": "VCID-z8qf-cqwg-zkan", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94149", "scoring_system": "epss", "scoring_elements": "0.99919", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34102" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/" } ], "url": "https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34102", "reference_id": "CVE-2024-34102", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34102" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml", "reference_id": "CVE-2024-34102.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-m8cj-3v68-3cxj", "reference_id": "GHSA-m8cj-3v68-3cxj", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m8cj-3v68-3cxj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81755?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/81754?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/81756?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34102", "GHSA-m8cj-3v68-3cxj" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z8qf-cqwg-zkan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/302973?format=api", "vulnerability_id": "VCID-zgzb-haur-s7aq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64811", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49550" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:07:51Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49550", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49550" }, { "reference_url": "https://github.com/advisories/GHSA-8hcx-xvww-6c6h", "reference_id": "GHSA-8hcx-xvww-6c6h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-8hcx-xvww-6c6h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/195788?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/195787?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-epeq-fvse-xudw" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/69653?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-uv6e-ctrt-eycw" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/69655?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-49550", "GHSA-8hcx-xvww-6c6h" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgzb-haur-s7aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/255644?format=api", "vulnerability_id": "VCID-zwsv-4q8h-x3e7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34111", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73625", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34111" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799" }, { "reference_url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2" }, { "reference_url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c" }, { "reference_url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T21:18:03Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-40.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34111", "reference_id": "CVE-2024-34111", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34111" }, { "reference_url": "https://github.com/advisories/GHSA-jmqp-r3gg-6jh3", "reference_id": "GHSA-jmqp-r3gg-6jh3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jmqp-r3gg-6jh3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81755?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/81754?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/81756?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-34111", "GHSA-jmqp-r3gg-6jh3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zwsv-4q8h-x3e7" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19432?format=api", "vulnerability_id": "VCID-16x4-fjuv-hbc4", "summary": "Magento Open Source allows Cross-Site Request Forgery (CSRF)\nAdobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to trick a victim into performing actions they did not intend to do, which could be used to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction, typically in the form of the victim clicking a link or visiting a malicious website.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30601", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20718" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-29T17:27:46Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20718", "reference_id": "CVE-2024-20718", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20718" }, { "reference_url": "https://github.com/advisories/GHSA-hqgj-4396-hmxv", "reference_id": "GHSA-hqgj-4396-hmxv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hqgj-4396-hmxv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/67778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/67777?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/67776?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-20718", "GHSA-hqgj-4396-hmxv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-16x4-fjuv-hbc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19435?format=api", "vulnerability_id": "VCID-c7rf-4ky3-tyev", "summary": "Magento Open Source allows Uncontrolled Resource Consumption\nAdobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. A high-privileged attacker could leverage this vulnerability to exhaust system resources, causing the application to slow down or crash. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50174", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20716" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-18T00:20:23Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20716", "reference_id": "CVE-2024-20716", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20716" }, { "reference_url": "https://github.com/advisories/GHSA-c9h9-h5gf-885r", "reference_id": "GHSA-c9h9-h5gf-885r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c9h9-h5gf-885r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/67778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/67777?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/67776?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-20716", "GHSA-c9h9-h5gf-885r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c7rf-4ky3-tyev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19436?format=api", "vulnerability_id": "VCID-ca94-mqq1-jyaz", "summary": "Magento Open Source allows OS Command Injection\nAdobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07195", "scoring_system": "epss", "scoring_elements": "0.91722", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20720" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "7.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "7.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-11T17:46:31Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20720", "reference_id": "CVE-2024-20720", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "7.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20720" }, { "reference_url": "https://github.com/advisories/GHSA-525f-pvj5-vqmq", "reference_id": "GHSA-525f-pvj5-vqmq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-525f-pvj5-vqmq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/67778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/67777?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/67776?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-20720", "GHSA-525f-pvj5-vqmq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ca94-mqq1-jyaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19434?format=api", "vulnerability_id": "VCID-whzv-vgev-rqd4", "summary": "Magento Open Source allows Cross-Site Scripting (XSS)\nAdobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into every admin page. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field, that could be leveraged to gain admin access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01149", "scoring_system": "epss", "scoring_elements": "0.78796", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20719" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "7.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "7.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-21T05:00:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-03.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20719", "reference_id": "CVE-2024-20719", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "7.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20719" }, { "reference_url": "https://github.com/advisories/GHSA-264g-f7v8-q5qq", "reference_id": "GHSA-264g-f7v8-q5qq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-264g-f7v8-q5qq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/67778?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zgzb-haur-s7aq" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/67777?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/67776?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-1yj1-79jb-wyht" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-6srg-smmw-hycj" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f5jj-23tj-wkbu" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-ft2p-3a61-wudj" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gf2z-99wt-3qcg" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-k55s-dcep-mbbk" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgxx-zdm4-9fe7" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-rv3b-5ja1-dkdv" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-v7ru-7kga-2bet" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-xm9z-aqhf-uqft" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-z8qf-cqwg-zkan" }, { "vulnerability": "VCID-zwsv-4q8h-x3e7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/66131?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-qtc7-bqbg" }, { "vulnerability": "VCID-17xq-rhcp-z3hj" }, { "vulnerability": "VCID-1wxk-rhfp-qqgp" }, { "vulnerability": "VCID-2495-ugn7-v7fk" }, { "vulnerability": "VCID-27w8-khpp-c7hk" }, { "vulnerability": "VCID-29fa-krur-qqbv" }, { "vulnerability": "VCID-2eq5-hm5y-f3f4" }, { "vulnerability": "VCID-3hcd-r9gs-cfgh" }, { "vulnerability": "VCID-3jns-w9p4-jyca" }, { "vulnerability": "VCID-3sn5-689e-cbhk" }, { "vulnerability": "VCID-3tpy-wktb-wqdj" }, { "vulnerability": "VCID-3v4v-ysx5-77gs" }, { "vulnerability": "VCID-3vpy-uswf-5ugc" }, { "vulnerability": "VCID-3wnx-e9kp-fkg7" }, { "vulnerability": "VCID-46mz-swkk-suhn" }, { "vulnerability": "VCID-4kg3-wkw1-vqhy" }, { "vulnerability": "VCID-4w8w-6563-3kfb" }, { "vulnerability": "VCID-53d5-qzm4-vfgs" }, { "vulnerability": "VCID-5bn1-w5sa-ubft" }, { "vulnerability": "VCID-5du3-fvj3-87h7" }, { "vulnerability": "VCID-5fmh-e4j7-nbcf" }, { "vulnerability": "VCID-5tkb-ngcw-t7ap" }, { "vulnerability": "VCID-6g84-aswq-5kfb" }, { "vulnerability": "VCID-6mxj-tzme-zyhb" }, { "vulnerability": "VCID-7dbc-v42e-j7d6" }, { "vulnerability": "VCID-7dzy-1fxw-xfes" }, { "vulnerability": "VCID-8crc-kmpq-63bd" }, { "vulnerability": "VCID-94sc-9fyk-2uay" }, { "vulnerability": "VCID-96gx-zvab-yyhe" }, { "vulnerability": "VCID-9gte-ub5c-mqas" }, { "vulnerability": "VCID-9rdk-3631-eqcw" }, { "vulnerability": "VCID-a2mn-k8qn-j7c9" }, { "vulnerability": "VCID-a9hc-nhv2-7ubx" }, { "vulnerability": "VCID-ac6e-denb-w7hy" }, { "vulnerability": "VCID-annu-j9a3-xkhs" }, { "vulnerability": "VCID-bm3p-s43s-uuce" }, { "vulnerability": "VCID-ctr3-kt63-hybf" }, { "vulnerability": "VCID-d372-f5hu-1bhr" }, { "vulnerability": "VCID-d6u8-dhmd-x3ed" }, { "vulnerability": "VCID-dqfx-d99q-jyd1" }, { "vulnerability": "VCID-ekn2-uahd-4qgw" }, { "vulnerability": "VCID-enwr-t7r8-xyge" }, { "vulnerability": "VCID-eu82-bgnu-rue2" }, { "vulnerability": "VCID-euam-6b48-suhg" }, { "vulnerability": "VCID-ewjp-uxup-gqex" }, { "vulnerability": "VCID-f6vc-8z9a-cqej" }, { "vulnerability": "VCID-gdh1-vff1-cfc2" }, { "vulnerability": "VCID-gkb3-ddu2-qyg6" }, { "vulnerability": "VCID-gyd8-hu6s-wkgt" }, { "vulnerability": "VCID-hbre-ty72-g7gy" }, { "vulnerability": "VCID-hcbc-9c78-yye6" }, { "vulnerability": "VCID-hwb9-yxzn-zub5" }, { "vulnerability": "VCID-jbs3-xb4d-j3gz" }, { "vulnerability": "VCID-jbzd-yjne-6ucr" }, { "vulnerability": "VCID-jede-wz7z-2ugt" }, { "vulnerability": "VCID-jehy-k235-4ua9" }, { "vulnerability": "VCID-jg5k-6vqh-57ey" }, { "vulnerability": "VCID-jnsk-z1qy-8uh7" }, { "vulnerability": "VCID-khdx-kb5m-qyd7" }, { "vulnerability": "VCID-kumb-xzbe-5fb3" }, { "vulnerability": "VCID-mcuv-294k-5qc4" }, { "vulnerability": "VCID-mgk4-9tan-a7fj" }, { "vulnerability": "VCID-mwg1-4tbg-53cg" }, { "vulnerability": "VCID-ntcr-n7fp-j3ab" }, { "vulnerability": "VCID-p84d-d8gt-ukck" }, { "vulnerability": "VCID-pqpk-dh2p-4yc8" }, { "vulnerability": "VCID-qsq4-2nz1-p7hu" }, { "vulnerability": "VCID-qxz4-rh86-cfcu" }, { "vulnerability": "VCID-rgfy-hqz1-zyb4" }, { "vulnerability": "VCID-rhp2-bwp6-k3d4" }, { "vulnerability": "VCID-t1ba-h3yd-yydc" }, { "vulnerability": "VCID-t5m6-39fh-zfhg" }, { "vulnerability": "VCID-tk7j-4vsm-e7c6" }, { "vulnerability": "VCID-tn7z-sztq-hbax" }, { "vulnerability": "VCID-u3gt-rhgh-p7ax" }, { "vulnerability": "VCID-ueg1-1xj3-aqcq" }, { "vulnerability": "VCID-v7r7-xtq1-gug6" }, { "vulnerability": "VCID-vjad-xkj2-nygh" }, { "vulnerability": "VCID-vt4j-zfwn-m3cd" }, { "vulnerability": "VCID-vthq-tuqs-5fg9" }, { "vulnerability": "VCID-vvzs-mjes-e3eq" }, { "vulnerability": "VCID-wdvt-5z3a-5bc2" }, { "vulnerability": "VCID-weqh-3ye3-nbbp" }, { "vulnerability": "VCID-xde9-dz52-1fgp" }, { "vulnerability": "VCID-y9ew-ydqv-4kbf" }, { "vulnerability": "VCID-yh52-jggb-jfgx" }, { "vulnerability": "VCID-yjgp-6ntk-xbc3" }, { "vulnerability": "VCID-ypqs-5ju2-hkcz" }, { "vulnerability": "VCID-yzdu-4cnk-5uft" }, { "vulnerability": "VCID-zacs-wg6m-qyg4" }, { "vulnerability": "VCID-zgzb-haur-s7aq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" } ], "aliases": [ "CVE-2024-20719", "GHSA-264g-f7v8-q5qq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-whzv-vgev-rqd4" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p7" }