Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/74347?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "type": "composer", "namespace": "magento", "name": "community-edition", "version": "2.2.10", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.3.4-p2", "latest_non_vulnerable_version": "2.4.9-alpha3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163886?format=api", "vulnerability_id": "VCID-dcfx-5qz2-aybr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46684", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758", "reference_id": "CVE-2020-3758", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3758", "GHSA-p5q3-xg47-653m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcfx-5qz2-aybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163845?format=api", "vulnerability_id": "VCID-dsp2-hyhy-ekbj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51199", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717", "reference_id": "CVE-2020-3717", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3717", "GHSA-874g-pxqp-frqp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dsp2-hyhy-ekbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163844?format=api", "vulnerability_id": "VCID-qp9f-r8g6-huhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17339", "scoring_system": "epss", "scoring_elements": "0.95164", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716", "reference_id": "CVE-2020-3716", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3716", "GHSA-9wc9-498w-h8xv" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qp9f-r8g6-huhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163847?format=api", "vulnerability_id": "VCID-tr2c-pvrf-ybd8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79849", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719", "reference_id": "CVE-2020-3719", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3719", "GHSA-rr59-pjwj-6grj" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tr2c-pvrf-ybd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163846?format=api", "vulnerability_id": "VCID-vnpj-71vh-pkb2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08697", "scoring_system": "epss", "scoring_elements": "0.92612", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718", "reference_id": "CVE-2020-3718", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3718", "GHSA-x9p7-vgp2-9pq2" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnpj-71vh-pkb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163843?format=api", "vulnerability_id": "VCID-xpw6-2hr1-9qge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45441", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715", "reference_id": "CVE-2020-3715", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-curx-pg5d-3qfv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3715", "GHSA-mgg3-v948-2vgr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xpw6-2hr1-9qge" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148939?format=api", "vulnerability_id": "VCID-16mg-7rwg-hygp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8113", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27418", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8113" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8113.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8113.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8113", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8113" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8113", "GHSA-c4r2-3f9r-rwp8" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-16mg-7rwg-hygp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148964?format=api", "vulnerability_id": "VCID-1e1y-bjwh-abdt", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8138" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8138.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8138.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8138", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8138" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8138", "GHSA-85xw-3hp5-6fmc" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1e1y-bjwh-abdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148943?format=api", "vulnerability_id": "VCID-1ftn-fnt5-9fbx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31977", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8117" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8117.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8117.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8117", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8117" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8117", "GHSA-v99w-jxr4-w6mc" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ftn-fnt5-9fbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148918?format=api", "vulnerability_id": "VCID-1g8z-z46h-sfep", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8092", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8092" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8092.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8092.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8092", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8092" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8092", "GHSA-56hf-w8gm-448q" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1g8z-z46h-sfep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148979?format=api", "vulnerability_id": "VCID-1q42-wbp4-c3cs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15072", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8153" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8153.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8153.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/c6ab7ac38f25309318e5819d4bdd936b2a0cf6bd", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c6ab7ac38f25309318e5819d4bdd936b2a0cf6bd" }, { "reference_url": "https://github.com/magento/magento2/commit/f5eb758c12a2c40ba3fe38ce44b46192494f4ff8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/f5eb758c12a2c40ba3fe38ce44b46192494f4ff8" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8153", "reference_id": "CVE-2019-8153", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8153" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8153", "GHSA-273r-v888-vgc6" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1q42-wbp4-c3cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148953?format=api", "vulnerability_id": "VCID-4hbj-j6xg-6qhx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29631", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8127" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8127.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8127.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8127", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8127" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" } ], "aliases": [ "CVE-2019-8127", "GHSA-2x2q-2xpv-mcf9" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4hbj-j6xg-6qhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148933?format=api", "vulnerability_id": "VCID-4k4p-qypz-a7d1", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.3003", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8107" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8107.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8107.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8107", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8107" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8107", "GHSA-2cg3-w597-rjfv" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4k4p-qypz-a7d1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148949?format=api", "vulnerability_id": "VCID-59wp-asx9-kyfw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25918", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8123" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8123.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8123.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8123.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8123.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8123.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8123.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8123", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8123" }, { "reference_url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213933?format=api", "purl": "pkg:composer/magento/community-edition@2.1.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8123", "GHSA-fp5m-4mqh-849p" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-59wp-asx9-kyfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148947?format=api", "vulnerability_id": "VCID-5qpw-hn7v-n7dk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8121", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39354", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8121" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8121", "reference_id": "CVE-2019-8121", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8121" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8121.yaml", "reference_id": "CVE-2019-8121.YAML", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8121.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-89ch-hqf9-rgp3", "reference_id": "GHSA-89ch-hqf9-rgp3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-89ch-hqf9-rgp3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8121", "GHSA-89ch-hqf9-rgp3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qpw-hn7v-n7dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148969?format=api", "vulnerability_id": "VCID-5urh-smq8-tfaz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8143", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33198", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8143" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8143.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8143.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8143", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8143" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8143", "GHSA-94q8-gx29-6mqv" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5urh-smq8-tfaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148937?format=api", "vulnerability_id": "VCID-622z-a342-myeu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8111", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01125", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8111" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8111.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8111.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8111", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8111" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8111", "GHSA-2crc-5vq6-386r" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-622z-a342-myeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/149058?format=api", "vulnerability_id": "VCID-77zn-ju3v-p3cs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34927", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8232" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8232", "reference_id": "CVE-2019-8232", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8232" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/214056?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B3" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8232", "GHSA-6vc8-3xf2-qrxx" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77zn-ju3v-p3cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148946?format=api", "vulnerability_id": "VCID-7kq6-7y1a-2ygj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8120" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8120.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8120.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8120", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8120" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213933?format=api", "purl": "pkg:composer/magento/community-edition@2.1.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8120", "GHSA-985w-mqqp-7287" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7kq6-7y1a-2ygj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148967?format=api", "vulnerability_id": "VCID-8net-en93-8ug9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8141", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01586", "scoring_system": "epss", "scoring_elements": "0.81921", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8141" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8141.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8141.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8141", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8141" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213933?format=api", "purl": "pkg:composer/magento/community-edition@2.1.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8141", "GHSA-9wr9-fw9v-8fgr" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8net-en93-8ug9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148963?format=api", "vulnerability_id": "VCID-912e-tfkc-pbfy", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00543", "scoring_system": "epss", "scoring_elements": "0.68011", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8137" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8137.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8137.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8137", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8137" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8137", "GHSA-jrjx-8gmw-jj2q" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-912e-tfkc-pbfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148934?format=api", "vulnerability_id": "VCID-93bn-tceg-hya5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8108", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28916", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8108" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8108.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8108.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8108", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8108" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" } ], "aliases": [ "CVE-2019-8108", "GHSA-92ph-xm9v-cg3j" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-93bn-tceg-hya5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148950?format=api", "vulnerability_id": "VCID-axsv-ykju-e7ck", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8124", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4143", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8124" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8124.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8124.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8124", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8124" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213933?format=api", "purl": "pkg:composer/magento/community-edition@2.1.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8124", "GHSA-x5q5-6wvf-2fpq" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-axsv-ykju-e7ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148975?format=api", "vulnerability_id": "VCID-bbcz-wtzb-x3cv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62451", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8149" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8149", "reference_id": "CVE-2019-8149", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8149" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8149.yaml", "reference_id": "CVE-2019-8149.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8149.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-8mwx-wpp4-5xh4", "reference_id": "GHSA-8mwx-wpp4-5xh4", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8mwx-wpp4-5xh4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8149", "GHSA-8mwx-wpp4-5xh4" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bbcz-wtzb-x3cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148958?format=api", "vulnerability_id": "VCID-buam-wpd1-4ufp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8132" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8132.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8132.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8132", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8132" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8132", "GHSA-g378-6fg4-gx3v" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-buam-wpd1-4ufp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148971?format=api", "vulnerability_id": "VCID-dnsm-c53q-w7en", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8145" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8145", "reference_id": "CVE-2019-8145", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8145" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8145.yaml", "reference_id": "CVE-2019-8145.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8145.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-xv69-f7x5-r4qw", "reference_id": "GHSA-xv69-f7x5-r4qw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xv69-f7x5-r4qw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8145", "GHSA-xv69-f7x5-r4qw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnsm-c53q-w7en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148962?format=api", "vulnerability_id": "VCID-e2vt-c9du-1bbw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8136", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39354", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8136" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8136.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8136.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8136", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8136" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8136", "GHSA-xgcp-59g2-wm8g" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2vt-c9du-1bbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/149059?format=api", "vulnerability_id": "VCID-em73-vxub-zbhg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8233", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56961", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8233" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8233", "reference_id": "CVE-2019-8233", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8233" }, { "reference_url": "https://github.com/advisories/GHSA-fm68-89m8-4gjj", "reference_id": "GHSA-fm68-89m8-4gjj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fm68-89m8-4gjj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8233", "GHSA-fm68-89m8-4gjj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-em73-vxub-zbhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148935?format=api", "vulnerability_id": "VCID-fem2-gzj7-xbde", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8109", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61942", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8109" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8109.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8109.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8109", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8109" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8109", "GHSA-x72m-p4qc-p7rv" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fem2-gzj7-xbde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148976?format=api", "vulnerability_id": "VCID-gcy8-q3n4-euh5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01125", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8150" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8150.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8150.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8150", "reference_id": "CVE-2019-8150", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8150" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8150", "GHSA-p783-gj6m-9r88" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gcy8-q3n4-euh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148984?format=api", "vulnerability_id": "VCID-ghs5-p8eg-87ge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8158", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36159", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8158" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8158.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8158.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8158", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8158" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" } ], "aliases": [ "CVE-2019-8158", "GHSA-8p5c-f836-m4h7" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ghs5-p8eg-87ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148982?format=api", "vulnerability_id": "VCID-gzgk-6ns6-cqb9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8156", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01105", "scoring_system": "epss", "scoring_elements": "0.78388", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8156" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8156.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8156.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8156", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8156" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" } ], "aliases": [ "CVE-2019-8156", "GHSA-775w-gx3f-4j4f" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gzgk-6ns6-cqb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148944?format=api", "vulnerability_id": "VCID-h315-sweb-eqcg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8118", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.1489", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8118" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8118.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8118.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8118", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8118" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213933?format=api", "purl": "pkg:composer/magento/community-edition@2.1.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8118", "GHSA-hmch-9947-82rj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h315-sweb-eqcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148936?format=api", "vulnerability_id": "VCID-hn62-s6t3-akgf", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01125", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8110" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8110.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8110.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8110", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8110" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8110", "GHSA-gfcq-wh3g-c6h4" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hn62-s6t3-akgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148941?format=api", "vulnerability_id": "VCID-hq73-wbmp-gqa9", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01801", "scoring_system": "epss", "scoring_elements": "0.83109", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8115" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8115.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8115.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8115", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8115" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8115", "GHSA-29mr-gr4c-vf9c" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hq73-wbmp-gqa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148957?format=api", "vulnerability_id": "VCID-hst9-4ned-77ep", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8131" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8131.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8131.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8131", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8131" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8131", "GHSA-vx7m-v8v2-fhwm" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hst9-4ned-77ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148956?format=api", "vulnerability_id": "VCID-j9tn-nv5n-4uak", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29394", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8130" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8130.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8130.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8130", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8130" }, { "reference_url": "https://web.archive.org/web/20210616202033/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210616202033/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8130", "GHSA-x42g-82pp-4v6g" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j9tn-nv5n-4uak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148960?format=api", "vulnerability_id": "VCID-kabn-b6vd-hybs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8134", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29394", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8134" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8134.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8134.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8134", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8134" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8134", "GHSA-45gj-78hc-4mvc" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kabn-b6vd-hybs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148948?format=api", "vulnerability_id": "VCID-kj3m-hu4d-s3hp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01125", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8122" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8122.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8122.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8122", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8122" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213933?format=api", "purl": "pkg:composer/magento/community-edition@2.1.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8122", "GHSA-5v5p-x8c2-mqxp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kj3m-hu4d-s3hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148968?format=api", "vulnerability_id": "VCID-m2ug-7ada-sbdm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8142" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8142.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8142.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8142", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8142" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8142", "GHSA-298q-wv2h-v5vw" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2ug-7ada-sbdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148972?format=api", "vulnerability_id": "VCID-m3p9-61rr-ubes", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8146" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8146.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8146.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8146", "reference_id": "CVE-2019-8146", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8146" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-8146", "GHSA-6m27-3r8q-c7f7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3p9-61rr-ubes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148973?format=api", "vulnerability_id": "VCID-m4pz-7xnk-8fdg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8147" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8147.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8147.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8147", "reference_id": "CVE-2019-8147", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8147" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8147", "GHSA-v8fg-p27h-mxjp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4pz-7xnk-8fdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148977?format=api", "vulnerability_id": "VCID-n39v-vbhc-jkdq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01105", "scoring_system": "epss", "scoring_elements": "0.78388", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8151" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8151.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8151.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8151", "reference_id": "CVE-2019-8151", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8151" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8151", "GHSA-f73h-224c-62qr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n39v-vbhc-jkdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148919?format=api", "vulnerability_id": "VCID-p4w9-guvw-tbh2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8093", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42103", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8093" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8093.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8093.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8093", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8093" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8093", "GHSA-32x5-6p4q-q8jh" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p4w9-guvw-tbh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148966?format=api", "vulnerability_id": "VCID-qfm1-jhuc-jybd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47567", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8140" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8140.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8140.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8140", "reference_id": "CVE-2019-8140", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8140" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8140", "GHSA-7pr3-34rg-g53m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qfm1-jhuc-jybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148938?format=api", "vulnerability_id": "VCID-qreu-ehrc-6qaz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8112", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26311", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8112" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8112.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8112.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8112", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8112" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8112", "GHSA-p9vf-4jx2-5hpp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qreu-ehrc-6qaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148940?format=api", "vulnerability_id": "VCID-snyd-udah-6yav", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01199", "scoring_system": "epss", "scoring_elements": "0.79209", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8114" }, { "reference_url": "https://devdocs-openmage.org/guides/m1x//ce19-ee114/ee1.14_release-notes.html#ee114-11443", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://devdocs-openmage.org/guides/m1x//ce19-ee114/ee1.14_release-notes.html#ee114-11443" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8114.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8114.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8114.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8114.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8114.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8114.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8114", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8114" }, { "reference_url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/214056?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B3" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" } ], "aliases": [ "CVE-2019-8114", "GHSA-crv7-r357-gw3w" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snyd-udah-6yav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148983?format=api", "vulnerability_id": "VCID-swen-hpr1-2qfd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8157", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8157" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8157.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8157.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8157", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8157" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8157", "GHSA-vrw4-34p5-pjg5" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swen-hpr1-2qfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148954?format=api", "vulnerability_id": "VCID-swgn-f8er-y3ge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8128" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8128.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8128.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8128", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8128" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8128", "GHSA-mhwc-4w67-xq2c" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swgn-f8er-y3ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148952?format=api", "vulnerability_id": "VCID-t3r4-hwfp-a7hv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28733", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8126" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8126", "reference_id": "CVE-2019-8126", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8126" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8126.yaml", "reference_id": "CVE-2019-8126.YAML", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8126.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-427g-2r83-3ccm", "reference_id": "GHSA-427g-2r83-3ccm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-427g-2r83-3ccm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8126", "GHSA-427g-2r83-3ccm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t3r4-hwfp-a7hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148916?format=api", "vulnerability_id": "VCID-td1a-zvg5-h3bz", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8090", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28666", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8090" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8090.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8090.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8090", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8090" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8090", "GHSA-653q-vqm6-gmjm" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-td1a-zvg5-h3bz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148980?format=api", "vulnerability_id": "VCID-tszq-tsvs-sbcr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8154", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01125", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8154" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8154", "reference_id": "CVE-2019-8154", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8154" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8154.yaml", "reference_id": "CVE-2019-8154.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8154.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-4v2q-hjx3-c4vr", "reference_id": "GHSA-4v2q-hjx3-c4vr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4v2q-hjx3-c4vr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8154", "GHSA-4v2q-hjx3-c4vr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tszq-tsvs-sbcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148955?format=api", "vulnerability_id": "VCID-untu-74et-53d2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8129" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8129.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8129.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8129", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8129" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" } ], "aliases": [ "CVE-2019-8129", "GHSA-wg25-j79r-v5wp" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-untu-74et-53d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148961?format=api", "vulnerability_id": "VCID-w91u-6r6q-zfd7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77303", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8135" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8135", "reference_id": "CVE-2019-8135", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8135" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8135.yaml", "reference_id": "CVE-2019-8135.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8135.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-3q5x-7mxp-rp6j", "reference_id": "GHSA-3q5x-7mxp-rp6j", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3q5x-7mxp-rp6j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8135", "GHSA-3q5x-7mxp-rp6j" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w91u-6r6q-zfd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148965?format=api", "vulnerability_id": "VCID-wega-ywxs-kfex", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8139" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8139.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8139.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8139", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8139" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" } ], "aliases": [ "CVE-2019-8139", "GHSA-gjjm-4x3g-3h33" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wega-ywxs-kfex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148945?format=api", "vulnerability_id": "VCID-wj5g-fy4v-kubn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01814", "scoring_system": "epss", "scoring_elements": "0.83161", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8119" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8119.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8119.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8119", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8119" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/213933?format=api", "purl": "pkg:composer/magento/community-edition@2.1.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8119", "GHSA-j63v-wcf9-c9hm" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wj5g-fy4v-kubn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148985?format=api", "vulnerability_id": "VCID-xt2d-3uyx-5kex", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01627", "scoring_system": "epss", "scoring_elements": "0.82183", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8159" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8159.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8159.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8159", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8159" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" } ], "aliases": [ "CVE-2019-8159", "GHSA-47h6-hfpv-7phj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xt2d-3uyx-5kex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148959?format=api", "vulnerability_id": "VCID-yeby-8p7j-7qaj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16475", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8133" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8133", "reference_id": "CVE-2019-8133", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8133" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8133.yaml", "reference_id": "CVE-2019-8133.YAML", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8133.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-62fx-3v4f-mwxm", "reference_id": "GHSA-62fx-3v4f-mwxm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-62fx-3v4f-mwxm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8133", "GHSA-62fx-3v4f-mwxm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yeby-8p7j-7qaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148978?format=api", "vulnerability_id": "VCID-z3g2-t29c-p3fb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8152", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8152" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8152.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8152.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8152.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8152", "reference_id": "CVE-2019-8152", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8152" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/214056?format=api", "purl": "pkg:composer/magento/community-edition@1.9.4%2B3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@1.9.4%252B3" }, { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8152", "GHSA-jjmg-xmq2-g6ff" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3g2-t29c-p3fb" } ], "risk_score": "0.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }