Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/81306?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/81306?format=api", "purl": "pkg:composer/magento/community-edition@2.2.5", "type": "composer", "namespace": "magento", "name": "community-edition", "version": "2.2.5", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.3.7-p2", "latest_non_vulnerable_version": "2.4.9-alpha3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148979?format=api", "vulnerability_id": "VCID-1q42-wbp4-c3cs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15072", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8153" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8153.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8153.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/c6ab7ac38f25309318e5819d4bdd936b2a0cf6bd", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/c6ab7ac38f25309318e5819d4bdd936b2a0cf6bd" }, { "reference_url": "https://github.com/magento/magento2/commit/f5eb758c12a2c40ba3fe38ce44b46192494f4ff8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/f5eb758c12a2c40ba3fe38ce44b46192494f4ff8" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8153", "reference_id": "CVE-2019-8153", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8153" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8153", "GHSA-273r-v888-vgc6" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1q42-wbp4-c3cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/167998?format=api", "vulnerability_id": "VCID-31gu-5peh-jyf8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9579", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0622", "scoring_system": "epss", "scoring_elements": "0.91021", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9579" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/52d92dbd07f09620d23693ba0c4d4bdb4ba09916", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/52d92dbd07f09620d23693ba0c4d4bdb4ba09916" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9579", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9579" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433144?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/213672?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/417706?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5" } ], "aliases": [ "CVE-2020-9579", "GHSA-vrp3-wc28-qg2h" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-31gu-5peh-jyf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148717?format=api", "vulnerability_id": "VCID-34a4-y3sn-97cp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09776", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7857" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7857.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7857.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7857", "reference_id": "CVE-2019-7857", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7857" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7857", "GHSA-f6ww-vqw2-xp3v" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34a4-y3sn-97cp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/168108?format=api", "vulnerability_id": "VCID-3fwk-gzst-aycg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0047", "scoring_system": "epss", "scoring_elements": "0.64872", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9690" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9690", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9690" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77333?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/59701?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-4phr-amm7-q3he" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5wjs-5jc8-y7dv" }, { "vulnerability": "VCID-631j-28c3-zqam" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-eh85-akw2-4qby" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-f418-amxz-xfey" }, { "vulnerability": "VCID-fs6u-kx4y-nqbh" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gngq-4jm1-nffv" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-jgkp-2cew-c7hc" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mn2q-e59e-9bhu" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-ns3u-g7gm-kbfq" }, { "vulnerability": "VCID-p7gh-bgn5-kyfw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u87h-sf89-k3ew" }, { "vulnerability": "VCID-u8ch-jew7-pubj" }, { "vulnerability": "VCID-wbj6-ehhe-ybf1" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0" } ], "aliases": [ "CVE-2020-9690", "GHSA-xgp9-j48h-jjf9" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3fwk-gzst-aycg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148774?format=api", "vulnerability_id": "VCID-3w85-cjt6-1kgv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7937" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7937.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7937.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7937", "reference_id": "CVE-2019-7937", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7937" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7937", "GHSA-94fc-rxhv-vvf8" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3w85-cjt6-1kgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170767?format=api", "vulnerability_id": "VCID-4nuc-1pgt-4kdc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04856", "scoring_system": "epss", "scoring_elements": "0.89709", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21015" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21015", "reference_id": "CVE-2021-21015", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21015" }, { "reference_url": "https://github.com/advisories/GHSA-w2p4-2c8c-2g7h", "reference_id": "GHSA-w2p4-2c8c-2g7h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w2p4-2c8c-2g7h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77496?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/57943?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21015", "GHSA-w2p4-2c8c-2g7h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4nuc-1pgt-4kdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158614?format=api", "vulnerability_id": "VCID-5mu4-9ruv-uke4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80194", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24408" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24408", "reference_id": "CVE-2020-24408", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24408" }, { "reference_url": "https://github.com/advisories/GHSA-jxjc-6xmh-h7mg", "reference_id": "GHSA-jxjc-6xmh-h7mg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jxjc-6xmh-h7mg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24408", "GHSA-jxjc-6xmh-h7mg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5mu4-9ruv-uke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158606?format=api", "vulnerability_id": "VCID-5px5-varz-8qa5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49269", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24400" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24400", "reference_id": "CVE-2020-24400", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24400" }, { "reference_url": "https://github.com/advisories/GHSA-pf6w-3pfw-fxvw", "reference_id": "GHSA-pf6w-3pfw-fxvw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pf6w-3pfw-fxvw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24400", "GHSA-pf6w-3pfw-fxvw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5px5-varz-8qa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148947?format=api", "vulnerability_id": "VCID-5qpw-hn7v-n7dk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8121", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39354", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8121" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8121", "reference_id": "CVE-2019-8121", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8121" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8121.yaml", "reference_id": "CVE-2019-8121.YAML", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8121.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-89ch-hqf9-rgp3", "reference_id": "GHSA-89ch-hqf9-rgp3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-89ch-hqf9-rgp3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8121", "GHSA-89ch-hqf9-rgp3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5qpw-hn7v-n7dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148743?format=api", "vulnerability_id": "VCID-73jm-z8yc-n3eh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23629", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7887" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7887.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7887.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7887.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7887.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7887.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7887.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7887", "reference_id": "CVE-2019-7887", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7887" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7887", "GHSA-rj8f-g5gm-jw5c" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73jm-z8yc-n3eh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148756?format=api", "vulnerability_id": "VCID-77v3-4g9b-mbg8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7909" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7909.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7909.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7909.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7909.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7909.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7909.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7909", "reference_id": "CVE-2019-7909", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7909" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7909", "GHSA-pw2f-m22m-p75c" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77v3-4g9b-mbg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/149058?format=api", "vulnerability_id": "VCID-77zn-ju3v-p3cs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34927", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8232" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8232", "reference_id": "CVE-2019-8232", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8232" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8232", "GHSA-6vc8-3xf2-qrxx" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77zn-ju3v-p3cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148750?format=api", "vulnerability_id": "VCID-8azw-t94j-7bda", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7897" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7897.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7897.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7897.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7897.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7897.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7897.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7897", "reference_id": "CVE-2019-7897", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7897" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7897", "GHSA-jxp3-mmw7-8285" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8azw-t94j-7bda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148738?format=api", "vulnerability_id": "VCID-94dk-wkd1-ryg5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7880", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7880" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7880.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7880.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7880", "reference_id": "CVE-2019-7880", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7880" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7880", "GHSA-ccjm-rgm5-rjjh" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94dk-wkd1-ryg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148748?format=api", "vulnerability_id": "VCID-9bs6-bkg5-5ygw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7895", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00897", "scoring_system": "epss", "scoring_elements": "0.75972", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7895" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7895.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7895.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7895", "reference_id": "CVE-2019-7895", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7895" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7895", "GHSA-mw5w-cf76-73m8" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9bs6-bkg5-5ygw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170781?format=api", "vulnerability_id": "VCID-9ph3-z1rw-kqhc", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43501", "scoring_system": "epss", "scoring_elements": "0.97574", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21029" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497" }, { "reference_url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21029", "reference_id": "CVE-2021-21029", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21029" }, { "reference_url": "https://github.com/advisories/GHSA-jwxh-wj79-ccm6", "reference_id": "GHSA-jwxh-wj79-ccm6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jwxh-wj79-ccm6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77496?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/57943?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "aliases": [ "CVE-2021-21029", "GHSA-jwxh-wj79-ccm6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ph3-z1rw-kqhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158612?format=api", "vulnerability_id": "VCID-brvc-xvms-zqf4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.53005", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24406" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24406", "reference_id": "CVE-2020-24406", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24406" }, { "reference_url": "https://github.com/advisories/GHSA-mr8q-7f5j-wc79", "reference_id": "GHSA-mr8q-7f5j-wc79", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mr8q-7f5j-wc79" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24406", "GHSA-mr8q-7f5j-wc79" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-brvc-xvms-zqf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170770?format=api", "vulnerability_id": "VCID-bxmb-sb7p-dkgm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06906", "scoring_system": "epss", "scoring_elements": "0.91531", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21018" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21018", "reference_id": "CVE-2021-21018", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21018" }, { "reference_url": "https://github.com/advisories/GHSA-rv48-v862-mp92", "reference_id": "GHSA-rv48-v862-mp92", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rv48-v862-mp92" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21018", "GHSA-rv48-v862-mp92" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bxmb-sb7p-dkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148755?format=api", "vulnerability_id": "VCID-ckmz-vs6x-sqgw", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7908" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7908.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7908.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7908", "reference_id": "CVE-2019-7908", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7908" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7908", "GHSA-mgfv-4whf-c574" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ckmz-vs6x-sqgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/168010?format=api", "vulnerability_id": "VCID-curx-pg5d-3qfv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01311", "scoring_system": "epss", "scoring_elements": "0.80129", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9591" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-22.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9591", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433144?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/213672?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/417706?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5" } ], "aliases": [ "CVE-2020-9591", "GHSA-w7rh-9w5v-rwqj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-curx-pg5d-3qfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163886?format=api", "vulnerability_id": "VCID-dcfx-5qz2-aybr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46684", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3758" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758", "reference_id": "CVE-2020-3758", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3758" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3758", "GHSA-p5q3-xg47-653m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcfx-5qz2-aybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148971?format=api", "vulnerability_id": "VCID-dnsm-c53q-w7en", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8145" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8145", "reference_id": "CVE-2019-8145", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8145" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8145.yaml", "reference_id": "CVE-2019-8145.YAML", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8145.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-xv69-f7x5-r4qw", "reference_id": "GHSA-xv69-f7x5-r4qw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xv69-f7x5-r4qw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8145", "GHSA-xv69-f7x5-r4qw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnsm-c53q-w7en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163845?format=api", "vulnerability_id": "VCID-dsp2-hyhy-ekbj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51199", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3717" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717", "reference_id": "CVE-2020-3717", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3717" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3717", "GHSA-874g-pxqp-frqp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dsp2-hyhy-ekbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/154984?format=api", "vulnerability_id": "VCID-dvs4-arma-2ke4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25177", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15151" }, { "reference_url": "https://github.com/OpenMage/magento-lts", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/OpenMage/magento-lts" }, { "reference_url": "https://github.com/OpenMage/magento-lts/commit/7c526bc6a6a51b57a1bab4c60f104dc36cde347a", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/OpenMage/magento-lts/commit/7c526bc6a6a51b57a1bab4c60f104dc36cde347a" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15151", "reference_id": "CVE-2020-15151", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15151" }, { "reference_url": "https://github.com/advisories/GHSA-crf2-xm6x-46p6", "reference_id": "GHSA-crf2-xm6x-46p6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-crf2-xm6x-46p6" }, { "reference_url": "https://github.com/OpenMage/magento-lts/security/advisories/GHSA-crf2-xm6x-46p6", "reference_id": "GHSA-crf2-xm6x-46p6", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/OpenMage/magento-lts/security/advisories/GHSA-crf2-xm6x-46p6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/59701?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-4phr-amm7-q3he" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5wjs-5jc8-y7dv" }, { "vulnerability": "VCID-631j-28c3-zqam" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-eh85-akw2-4qby" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-f418-amxz-xfey" }, { "vulnerability": "VCID-fs6u-kx4y-nqbh" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gngq-4jm1-nffv" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-jgkp-2cew-c7hc" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mn2q-e59e-9bhu" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-ns3u-g7gm-kbfq" }, { "vulnerability": "VCID-p7gh-bgn5-kyfw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u87h-sf89-k3ew" }, { "vulnerability": "VCID-u8ch-jew7-pubj" }, { "vulnerability": "VCID-wbj6-ehhe-ybf1" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0" } ], "aliases": [ "CVE-2020-15151", "GHSA-crf2-xm6x-46p6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvs4-arma-2ke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148739?format=api", "vulnerability_id": "VCID-e3hs-urj2-hugu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7881", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24783", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7881" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7881.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7881.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7881", "reference_id": "CVE-2019-7881", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7881" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7881", "GHSA-7xqv-jgv6-x2h8" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3hs-urj2-hugu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106238?format=api", "vulnerability_id": "VCID-e514-8tra-9kg2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24514", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6485" }, { "reference_url": "https://github.com/magento/magento2/pull/15017", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/pull/15017" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/07/19/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/07/19/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/07/27/14", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/07/27/14" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6485", "reference_id": "CVE-2016-6485", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6485" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2016-6485.yaml", "reference_id": "CVE-2016-6485.YAML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2016-6485.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-h7qw-mxrm-c6h2", "reference_id": "GHSA-h7qw-mxrm-c6h2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h7qw-mxrm-c6h2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74398?format=api", "purl": "pkg:composer/magento/community-edition@2.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-t7ae-1xen-tqav" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.6" } ], "aliases": [ "CVE-2016-6485", "GHSA-h7qw-mxrm-c6h2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e514-8tra-9kg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/149059?format=api", "vulnerability_id": "VCID-em73-vxub-zbhg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8233", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56961", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8233" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8233", "reference_id": "CVE-2019-8233", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8233" }, { "reference_url": "https://github.com/advisories/GHSA-fm68-89m8-4gjj", "reference_id": "GHSA-fm68-89m8-4gjj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fm68-89m8-4gjj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8233", "GHSA-fm68-89m8-4gjj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-em73-vxub-zbhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158611?format=api", "vulnerability_id": "VCID-evsh-gg3x-bfda", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24879", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24405" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24405", "reference_id": "CVE-2020-24405", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24405" }, { "reference_url": "https://github.com/advisories/GHSA-p7m7-j8jv-393q", "reference_id": "GHSA-p7m7-j8jv-393q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p7m7-j8jv-393q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24405", "GHSA-p7m7-j8jv-393q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-evsh-gg3x-bfda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158610?format=api", "vulnerability_id": "VCID-fu9d-vb4r-vkhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50909", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24404" }, { "reference_url": "https://devdocs.magento.com/guides/v2.3/release-notes/open-source-2-3-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://devdocs.magento.com/guides/v2.3/release-notes/open-source-2-3-6.html" }, { "reference_url": "https://experienceleague.adobe.com/docs/commerce-operations/release/notes/magento-open-source/2-4-1.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://experienceleague.adobe.com/docs/commerce-operations/release/notes/magento-open-source/2-4-1.html" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-59.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24404", "reference_id": "CVE-2020-24404", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24404" }, { "reference_url": "https://github.com/advisories/GHSA-rwf7-652f-76mv", "reference_id": "GHSA-rwf7-652f-76mv", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rwf7-652f-76mv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77287?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1" } ], "aliases": [ "CVE-2020-24404", "GHSA-rwf7-652f-76mv" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fu9d-vb4r-vkhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148762?format=api", "vulnerability_id": "VCID-fw8t-pt9u-vbgn", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48848", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7923" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7923.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7923.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7923", "reference_id": "CVE-2019-7923", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7923" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7923", "GHSA-hvcp-jvx5-4pmp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fw8t-pt9u-vbgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148976?format=api", "vulnerability_id": "VCID-gcy8-q3n4-euh5", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01125", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8150" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8150.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8150.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8150", "reference_id": "CVE-2019-8150", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8150" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8150", "GHSA-p783-gj6m-9r88" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gcy8-q3n4-euh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14058?format=api", "vulnerability_id": "VCID-hb1m-rxm7-nyga", "summary": "Information Exposure\nMagento is vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure of document root path by an unauthenticated attacker. Access to the admin console is required for successful exploitation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.73004", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566", "reference_id": "CVE-2021-28566", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566" }, { "reference_url": "https://github.com/advisories/GHSA-w942-fw92-mqm2", "reference_id": "GHSA-w942-fw92-mqm2", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w942-fw92-mqm2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/65814?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jew7-2yd7-8ffp" }, { "vulnerability": "VCID-mgnu-rgqb-h7cw" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3" } ], "aliases": [ "CVE-2021-28566", "GHSA-w942-fw92-mqm2" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hb1m-rxm7-nyga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148773?format=api", "vulnerability_id": "VCID-j6jh-447c-vbay", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7936" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7936.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7936.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7936", "reference_id": "CVE-2019-7936", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7936" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7936", "GHSA-mf6x-7766-5cg8" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6jh-447c-vbay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148761?format=api", "vulnerability_id": "VCID-jbdw-8hjj-puh8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24783", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7921" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7921.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7921.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7921", "reference_id": "CVE-2019-7921", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7921" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7921", "GHSA-gg96-8w9x-7rx9" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jbdw-8hjj-puh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175534?format=api", "vulnerability_id": "VCID-kf9w-4pch-5yhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49261", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28563" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28563", "reference_id": "CVE-2021-28563", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28563" }, { "reference_url": "https://github.com/advisories/GHSA-q9xx-4689-gvv5", "reference_id": "GHSA-q9xx-4689-gvv5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q9xx-4689-gvv5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65592?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-snxt-bv9t-nbdu" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-yjrz-v74j-xbfx" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/57944?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qch-21pj-4yhs" }, { "vulnerability": "VCID-3d19-jvhv-kfej" }, { "vulnerability": "VCID-3mbp-mm4g-yybx" }, { "vulnerability": "VCID-3mg5-5bnt-3qb3" }, { "vulnerability": "VCID-5m9k-7pab-bygj" }, { "vulnerability": "VCID-63pe-4w5f-zqax" }, { "vulnerability": "VCID-6cm3-pkzs-wbdu" }, { "vulnerability": "VCID-8vyv-da9b-x7c5" }, { "vulnerability": "VCID-atcy-z6qm-7qcn" }, { "vulnerability": "VCID-atnt-jfyb-uydk" }, { "vulnerability": "VCID-dahp-ngf2-yfck" }, { "vulnerability": "VCID-ddnf-1ejm-g3fm" }, { "vulnerability": "VCID-ea9q-x4cf-wfdj" }, { "vulnerability": "VCID-esvp-gu4v-hkc8" }, { "vulnerability": "VCID-fk7u-x6n8-y3a8" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-ktbz-cqsm-cqdh" }, { "vulnerability": "VCID-nf7q-381b-eufk" }, { "vulnerability": "VCID-pt49-zfad-2fgb" }, { "vulnerability": "VCID-qdse-avkx-7kb6" }, { "vulnerability": "VCID-u3cx-xm7q-8uch" }, { "vulnerability": "VCID-x63j-5hm1-8kh9" }, { "vulnerability": "VCID-yhrq-kbj5-puaz" }, { "vulnerability": "VCID-z5ak-93ax-gues" }, { "vulnerability": "VCID-zpta-g6q9-ykdh" }, { "vulnerability": "VCID-zt1b-5ytz-wqb6" }, { "vulnerability": "VCID-zzn5-7yxb-t3hf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "aliases": [ "CVE-2021-28563", "GHSA-q9xx-4689-gvv5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kf9w-4pch-5yhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148972?format=api", "vulnerability_id": "VCID-m3p9-61rr-ubes", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8146" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8146.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8146.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8146", "reference_id": "CVE-2019-8146", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8146" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-8146", "GHSA-6m27-3r8q-c7f7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3p9-61rr-ubes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148973?format=api", "vulnerability_id": "VCID-m4pz-7xnk-8fdg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8147" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8147.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8147.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051105/https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8147", "reference_id": "CVE-2019-8147", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8147" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74354?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8147", "GHSA-v8fg-p27h-mxjp" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4pz-7xnk-8fdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170771?format=api", "vulnerability_id": "VCID-mxj2-c71n-3fgu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04035", "scoring_system": "epss", "scoring_elements": "0.8869", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21019" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21019", "reference_id": "CVE-2021-21019", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21019" }, { "reference_url": "https://github.com/advisories/GHSA-mw95-gmw4-883p", "reference_id": "GHSA-mw95-gmw4-883p", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mw95-gmw4-883p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77496?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21019", "GHSA-mw95-gmw4-883p" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxj2-c71n-3fgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148977?format=api", "vulnerability_id": "VCID-n39v-vbhc-jkdq", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01105", "scoring_system": "epss", "scoring_elements": "0.78388", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8151" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8151.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8151.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8151", "reference_id": "CVE-2019-8151", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8151" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8151", "GHSA-f73h-224c-62qr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n39v-vbhc-jkdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148715?format=api", "vulnerability_id": "VCID-nww3-kpvm-4ucu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24851", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7854" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7854.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7854.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7854", "reference_id": "CVE-2019-7854", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7854" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7854", "GHSA-hpxv-vpfv-7jc9" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nww3-kpvm-4ucu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148966?format=api", "vulnerability_id": "VCID-qfm1-jhuc-jybd", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47567", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8140" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8140.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8140.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8140", "reference_id": "CVE-2019-8140", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8140" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8140", "GHSA-7pr3-34rg-g53m" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qfm1-jhuc-jybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163844?format=api", "vulnerability_id": "VCID-qp9f-r8g6-huhm", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17339", "scoring_system": "epss", "scoring_elements": "0.95164", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3716" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716", "reference_id": "CVE-2020-3716", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3716" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3716", "GHSA-9wc9-498w-h8xv" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qp9f-r8g6-huhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148716?format=api", "vulnerability_id": "VCID-qqqf-kw83-dfgb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7855", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42012", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7855" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7855.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7855.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7855", "reference_id": "CVE-2019-7855", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7855" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7855", "GHSA-2w26-gmqm-mc5p" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qqqf-kw83-dfgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148749?format=api", "vulnerability_id": "VCID-rcdf-rkqa-c7bk", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00897", "scoring_system": "epss", "scoring_elements": "0.75972", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7896" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7896.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7896.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7896", "reference_id": "CVE-2019-7896", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7896" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7896", "GHSA-2x55-mg9r-24f7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rcdf-rkqa-c7bk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148952?format=api", "vulnerability_id": "VCID-t3r4-hwfp-a7hv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28733", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8126" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8126", "reference_id": "CVE-2019-8126", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8126" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8126.yaml", "reference_id": "CVE-2019-8126.YAML", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8126.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-427g-2r83-3ccm", "reference_id": "GHSA-427g-2r83-3ccm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-427g-2r83-3ccm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8126", "GHSA-427g-2r83-3ccm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t3r4-hwfp-a7hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148772?format=api", "vulnerability_id": "VCID-t74p-crez-wyhv", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7935" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7935.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7935.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7935.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7935.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7935", "reference_id": "CVE-2019-7935", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7935" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7935", "GHSA-5c4g-p858-498x" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t74p-crez-wyhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13525?format=api", "vulnerability_id": "VCID-t7ae-1xen-tqav", "summary": "SQL Injection\nAn unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60108", "scoring_system": "epss", "scoring_elements": "0.983", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7139" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://magento.com/security/patches/supee-11086", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/supee-11086" }, { "reference_url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211206084839/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13" }, { "reference_url": "https://www.ambionics.io/blog/magento-sqli", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.ambionics.io/blog/magento-sqli" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7139", "reference_id": "CVE-2019-7139", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7139" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7139.yaml", "reference_id": "CVE-2019-7139.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7139.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-4j6w-9rf8-hg7r", "reference_id": "GHSA-4j6w-9rf8-hg7r", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4j6w-9rf8-hg7r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56766?format=api", "purl": "pkg:composer/magento/community-edition@2.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/56767?format=api", "purl": "pkg:composer/magento/community-edition@2.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7139", "GHSA-4j6w-9rf8-hg7r" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t7ae-1xen-tqav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163847?format=api", "vulnerability_id": "VCID-tr2c-pvrf-ybd8", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79849", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3719" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719", "reference_id": "CVE-2020-3719", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3719" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3719", "GHSA-rr59-pjwj-6grj" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tr2c-pvrf-ybd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148980?format=api", "vulnerability_id": "VCID-tszq-tsvs-sbcr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8154", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01125", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8154" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8154", "reference_id": "CVE-2019-8154", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8154" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8154.yaml", "reference_id": "CVE-2019-8154.YAML", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8154.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-4v2q-hjx3-c4vr", "reference_id": "GHSA-4v2q-hjx3-c4vr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4v2q-hjx3-c4vr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8154", "GHSA-4v2q-hjx3-c4vr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tszq-tsvs-sbcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148729?format=api", "vulnerability_id": "VCID-ucfx-6ktc-2bcp", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7869", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21437", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7869" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7869.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7869.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7869", "reference_id": "CVE-2019-7869", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7869" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7869", "GHSA-9f4p-3jgf-98f5" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ucfx-6ktc-2bcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/168110?format=api", "vulnerability_id": "VCID-vf84-53f7-4ffb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.82057", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9692" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-47.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9692", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77333?format=api", "purl": "pkg:composer/magento/community-edition@2.3.5-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/59701?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1z32-g2kw-pkdx" }, { "vulnerability": "VCID-38rm-wf86-ryfw" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-4phr-amm7-q3he" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5wjs-5jc8-y7dv" }, { "vulnerability": "VCID-631j-28c3-zqam" }, { "vulnerability": "VCID-7jfc-dbkn-9fa4" }, { "vulnerability": "VCID-86h6-jwyx-8yf2" }, { "vulnerability": "VCID-8kar-95vh-ube3" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-cd1x-g9b4-6ufh" }, { "vulnerability": "VCID-eh85-akw2-4qby" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-f418-amxz-xfey" }, { "vulnerability": "VCID-fs6u-kx4y-nqbh" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gngq-4jm1-nffv" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-hubk-cyxh-gbeu" }, { "vulnerability": "VCID-jgkp-2cew-c7hc" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mn2q-e59e-9bhu" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-mxpb-g7qp-w3gp" }, { "vulnerability": "VCID-ns3u-g7gm-kbfq" }, { "vulnerability": "VCID-p7gh-bgn5-kyfw" }, { "vulnerability": "VCID-t2pj-rv3r-7fda" }, { "vulnerability": "VCID-trys-a3eq-y7fb" }, { "vulnerability": "VCID-u87h-sf89-k3ew" }, { "vulnerability": "VCID-u8ch-jew7-pubj" }, { "vulnerability": "VCID-wbj6-ehhe-ybf1" }, { "vulnerability": "VCID-x9xn-qvau-kqhu" }, { "vulnerability": "VCID-xum3-uvmz-efhj" }, { "vulnerability": "VCID-z5sv-b3wm-rqbe" }, { "vulnerability": "VCID-z7g7-sbje-bbev" }, { "vulnerability": "VCID-zjmz-qn1y-n3d9" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0" } ], "aliases": [ "CVE-2020-9692", "GHSA-vqg7-8v6x-54rq" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vf84-53f7-4ffb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163846?format=api", "vulnerability_id": "VCID-vnpj-71vh-pkb2", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08697", "scoring_system": "epss", "scoring_elements": "0.92612", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3718" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718", "reference_id": "CVE-2020-3718", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3718" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3718", "GHSA-x9p7-vgp2-9pq2" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnpj-71vh-pkb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148961?format=api", "vulnerability_id": "VCID-w91u-6r6q-zfd7", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77303", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8135" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8135", "reference_id": "CVE-2019-8135", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8135" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8135.yaml", "reference_id": "CVE-2019-8135.YAML", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8135.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-3q5x-7mxp-rp6j", "reference_id": "GHSA-3q5x-7mxp-rp6j", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3q5x-7mxp-rp6j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8135", "GHSA-3q5x-7mxp-rp6j" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w91u-6r6q-zfd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148728?format=api", "vulnerability_id": "VCID-wr3g-xf17-abcx", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21437", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7868" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7868.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7868.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7868", "reference_id": "CVE-2019-7868", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7868", "GHSA-g4jh-vxqm-6fff" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wr3g-xf17-abcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/163843?format=api", "vulnerability_id": "VCID-xpw6-2hr1-9qge", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45441", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-3715" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb20-02.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715", "reference_id": "CVE-2020-3715", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3715" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/153807?format=api", "purl": "pkg:composer/magento/community-edition@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/153808?format=api", "purl": "pkg:composer/magento/community-edition@2.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.4" } ], "aliases": [ "CVE-2020-3715", "GHSA-mgg3-v948-2vgr" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xpw6-2hr1-9qge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148959?format=api", "vulnerability_id": "VCID-yeby-8p7j-7qaj", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16475", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8133" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8133", "reference_id": "CVE-2019-8133", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8133" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8133.yaml", "reference_id": "CVE-2019-8133.YAML", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8133.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-62fx-3v4f-mwxm", "reference_id": "GHSA-62fx-3v4f-mwxm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-62fx-3v4f-mwxm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8133", "GHSA-62fx-3v4f-mwxm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yeby-8p7j-7qaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148740?format=api", "vulnerability_id": "VCID-yh9f-v452-tub3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7882", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24783", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7882" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7882.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7882.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7882.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7882.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7882.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7882.yaml" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7882", "reference_id": "CVE-2019-7882", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7882" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7882", "GHSA-ff7r-7rrm-wx6w" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yh9f-v452-tub3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148771?format=api", "vulnerability_id": "VCID-yxpr-kard-n7cr", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25813", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7934" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-7934.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-7934.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7934.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-7934.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220121051916/https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7934", "reference_id": "CVE-2019-7934", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7934" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77893?format=api", "purl": "pkg:composer/magento/community-edition@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/77892?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2" } ], "aliases": [ "CVE-2019-7934", "GHSA-77mv-p94f-qcq4" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yxpr-kard-n7cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/148978?format=api", "vulnerability_id": "VCID-z3g2-t29c-p3fb", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8152", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35029", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8152" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ce/CVE-2019-8152.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/magento1ee/CVE-2019-8152.yaml" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8152.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2019-8152.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" }, { "reference_url": "https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211209030216/https://magento.com/security/patches/supee-11219" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8152", "reference_id": "CVE-2019-8152", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8152" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74347?format=api", "purl": "pkg:composer/magento/community-edition@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/74348?format=api", "purl": "pkg:composer/magento/community-edition@2.3.2-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3d5m-3y1r-hufv" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.2-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/74353?format=api", "purl": "pkg:composer/magento/community-edition@2.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.3" } ], "aliases": [ "CVE-2019-8152", "GHSA-jjmg-xmq2-g6ff" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3g2-t29c-p3fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/170776?format=api", "vulnerability_id": "VCID-zpae-wx95-83fa", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02071", "scoring_system": "epss", "scoring_elements": "0.84232", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-21024" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-08.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21024", "reference_id": "CVE-2021-21024", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21024" }, { "reference_url": "https://github.com/advisories/GHSA-rj4f-cp4v-hvcv", "reference_id": "GHSA-rj4f-cp4v-hvcv", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rj4f-cp4v-hvcv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77496?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/77332?format=api", "purl": "pkg:composer/magento/community-edition@2.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77497?format=api", "purl": "pkg:composer/magento/community-edition@2.4.1-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1" } ], "aliases": [ "CVE-2021-21024", "GHSA-rj4f-cp4v-hvcv" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zpae-wx95-83fa" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340790?format=api", "vulnerability_id": "VCID-fu5c-qn9f-pyc3", "summary": "Magento remote code execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities", "references": [ { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/2018-06-27.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/2018-06-27.yaml" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://web.archive.org/web/20210802091126/https://magento.com/security/patches/magento-2.2.5-and-2.1.14-security-update", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210802091126/https://magento.com/security/patches/magento-2.2.5-and-2.1.14-security-update" }, { "reference_url": "https://github.com/advisories/GHSA-5gmh-85x8-5cx7", "reference_id": "GHSA-5gmh-85x8-5cx7", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5gmh-85x8-5cx7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81307?format=api", "purl": "pkg:composer/magento/community-edition@2.1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-t7ae-1xen-tqav" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/81306?format=api", "purl": "pkg:composer/magento/community-edition@2.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q42-wbp4-c3cs" }, { "vulnerability": "VCID-31gu-5peh-jyf8" }, { "vulnerability": "VCID-34a4-y3sn-97cp" }, { "vulnerability": "VCID-3fwk-gzst-aycg" }, { "vulnerability": "VCID-3w85-cjt6-1kgv" }, { "vulnerability": "VCID-4nuc-1pgt-4kdc" }, { "vulnerability": "VCID-5mu4-9ruv-uke4" }, { "vulnerability": "VCID-5px5-varz-8qa5" }, { "vulnerability": "VCID-5qpw-hn7v-n7dk" }, { "vulnerability": "VCID-73jm-z8yc-n3eh" }, { "vulnerability": "VCID-77v3-4g9b-mbg8" }, { "vulnerability": "VCID-77zn-ju3v-p3cs" }, { "vulnerability": "VCID-8azw-t94j-7bda" }, { "vulnerability": "VCID-94dk-wkd1-ryg5" }, { "vulnerability": "VCID-9bs6-bkg5-5ygw" }, { "vulnerability": "VCID-9ph3-z1rw-kqhc" }, { "vulnerability": "VCID-brvc-xvms-zqf4" }, { "vulnerability": "VCID-bxmb-sb7p-dkgm" }, { "vulnerability": "VCID-ckmz-vs6x-sqgw" }, { "vulnerability": "VCID-curx-pg5d-3qfv" }, { "vulnerability": "VCID-dcfx-5qz2-aybr" }, { "vulnerability": "VCID-dnsm-c53q-w7en" }, { "vulnerability": "VCID-dsp2-hyhy-ekbj" }, { "vulnerability": "VCID-dvs4-arma-2ke4" }, { "vulnerability": "VCID-e3hs-urj2-hugu" }, { "vulnerability": "VCID-e514-8tra-9kg2" }, { "vulnerability": "VCID-em73-vxub-zbhg" }, { "vulnerability": "VCID-evsh-gg3x-bfda" }, { "vulnerability": "VCID-fu9d-vb4r-vkhm" }, { "vulnerability": "VCID-fw8t-pt9u-vbgn" }, { "vulnerability": "VCID-gcy8-q3n4-euh5" }, { "vulnerability": "VCID-hb1m-rxm7-nyga" }, { "vulnerability": "VCID-j6jh-447c-vbay" }, { "vulnerability": "VCID-jbdw-8hjj-puh8" }, { "vulnerability": "VCID-kf9w-4pch-5yhm" }, { "vulnerability": "VCID-m3p9-61rr-ubes" }, { "vulnerability": "VCID-m4pz-7xnk-8fdg" }, { "vulnerability": "VCID-mxj2-c71n-3fgu" }, { "vulnerability": "VCID-n39v-vbhc-jkdq" }, { "vulnerability": "VCID-nww3-kpvm-4ucu" }, { "vulnerability": "VCID-qfm1-jhuc-jybd" }, { "vulnerability": "VCID-qp9f-r8g6-huhm" }, { "vulnerability": "VCID-qqqf-kw83-dfgb" }, { "vulnerability": "VCID-rcdf-rkqa-c7bk" }, { "vulnerability": "VCID-t3r4-hwfp-a7hv" }, { "vulnerability": "VCID-t74p-crez-wyhv" }, { "vulnerability": "VCID-t7ae-1xen-tqav" }, { "vulnerability": "VCID-tr2c-pvrf-ybd8" }, { "vulnerability": "VCID-tszq-tsvs-sbcr" }, { "vulnerability": "VCID-ucfx-6ktc-2bcp" }, { "vulnerability": "VCID-vf84-53f7-4ffb" }, { "vulnerability": "VCID-vnpj-71vh-pkb2" }, { "vulnerability": "VCID-w91u-6r6q-zfd7" }, { "vulnerability": "VCID-wr3g-xf17-abcx" }, { "vulnerability": "VCID-xpw6-2hr1-9qge" }, { "vulnerability": "VCID-yeby-8p7j-7qaj" }, { "vulnerability": "VCID-yh9f-v452-tub3" }, { "vulnerability": "VCID-yxpr-kard-n7cr" }, { "vulnerability": "VCID-z3g2-t29c-p3fb" }, { "vulnerability": "VCID-zpae-wx95-83fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.5" } ], "aliases": [ "GHSA-5gmh-85x8-5cx7" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fu5c-qn9f-pyc3" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.5" }