Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/109930?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109930?format=api", "vulnerability_id": "VCID-hq7k-qz7g-4bc2", "summary": "Magento Path Traversal vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction.", "aliases": [ { "alias": "CVE-2022-34254" }, { "alias": "GHSA-fx9g-g9q6-x3jx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/144516?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7-p4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/66776?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2g87-y8ek-xfdr" }, { "vulnerability": "VCID-2ttz-k7d2-jucf" }, { "vulnerability": "VCID-36ve-7wxt-z7fz" }, { "vulnerability": "VCID-4cbe-djqs-tug1" }, { "vulnerability": "VCID-4w1v-es9j-subp" }, { "vulnerability": "VCID-6mjf-p1d9-8qa1" }, { "vulnerability": "VCID-8u5e-d6nx-3khc" }, { "vulnerability": "VCID-b5hn-f1qk-z7cu" }, { "vulnerability": "VCID-c1ta-jffg-cfg9" }, { "vulnerability": "VCID-cfjt-51xj-qqdw" }, { "vulnerability": "VCID-er49-k3tc-ufcu" }, { "vulnerability": "VCID-fyh6-gupt-eqgm" }, { "vulnerability": "VCID-fz6y-fece-skgr" }, { "vulnerability": "VCID-gxnx-f2qh-3yf9" }, { "vulnerability": "VCID-hspp-kw5e-akbr" }, { "vulnerability": "VCID-kgws-xvjr-g7bv" }, { "vulnerability": "VCID-kv6x-nz1s-uuar" }, { "vulnerability": "VCID-n5mn-3a8f-nbdb" }, { "vulnerability": "VCID-nn21-hf8r-ykfd" }, { "vulnerability": "VCID-p1py-xewy-7khn" }, { "vulnerability": "VCID-p9qx-66yy-1kc1" }, { "vulnerability": "VCID-pm85-dfg2-euep" }, { "vulnerability": "VCID-rgnq-s54v-vkdm" }, { "vulnerability": "VCID-w42y-yc7r-kqhp" }, { "vulnerability": "VCID-wh14-k3ex-pubq" }, { "vulnerability": "VCID-y93w-2qcc-wqg8" }, { "vulnerability": "VCID-ze8y-4wfs-hbf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/144517?format=api", "purl": "pkg:composer/magento/community-edition@2.4.3-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5wfa-wpby-dke1" }, { "vulnerability": "VCID-hd53-pxmk-ruap" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/64404?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2h52-3pt6-dfcw" }, { "vulnerability": "VCID-2vsw-t8k2-4bfm" }, { "vulnerability": "VCID-3et4-3zad-1qfn" }, { "vulnerability": "VCID-3zcy-b3th-ukhd" }, { "vulnerability": "VCID-525q-afzj-tkcp" }, { "vulnerability": "VCID-5gxr-xksz-5ydb" }, { "vulnerability": "VCID-5wfa-wpby-dke1" }, { "vulnerability": "VCID-6t9w-cnkz-s3c3" }, { "vulnerability": "VCID-6tx4-wexr-fkbb" }, { "vulnerability": "VCID-7ewa-w75h-qfdy" }, { "vulnerability": "VCID-7hrm-jtbx-sqgm" }, { "vulnerability": "VCID-7pr7-uqp1-sugt" }, { "vulnerability": "VCID-7s3w-8dn6-jqh7" }, { "vulnerability": "VCID-7s7e-adr6-h3dc" }, { "vulnerability": "VCID-8hx4-r8bb-n7ge" }, { "vulnerability": "VCID-8ky6-w2nk-9bds" }, { "vulnerability": "VCID-8msu-s38a-p7e3" }, { "vulnerability": "VCID-8shb-t5zp-rqbu" }, { "vulnerability": "VCID-9cc9-npdc-8bac" }, { "vulnerability": "VCID-9vrt-uccb-myev" }, { "vulnerability": "VCID-a8gs-ervm-e3hm" }, { "vulnerability": "VCID-a9b6-tenb-afdw" }, { "vulnerability": "VCID-agtm-nkhp-dkdn" }, { "vulnerability": "VCID-ayfe-5a7g-u7b7" }, { "vulnerability": "VCID-az2w-5xhy-5fe4" }, { "vulnerability": "VCID-b3cn-pjp3-4yhm" }, { "vulnerability": "VCID-b4jg-dj1a-9qd5" }, { "vulnerability": "VCID-b9ry-u6qy-j7cc" }, { "vulnerability": "VCID-bch8-kq49-skhm" }, { "vulnerability": "VCID-bera-73sm-bbh7" }, { "vulnerability": "VCID-bkpz-ratd-e7ab" }, { "vulnerability": "VCID-bzyh-c5tm-j7dn" }, { "vulnerability": "VCID-c4ms-3und-c7d1" }, { "vulnerability": "VCID-cc8x-6es1-8kc5" }, { "vulnerability": "VCID-cgwk-hn4t-n7c1" }, { "vulnerability": "VCID-cqjn-3z6n-sff1" }, { "vulnerability": "VCID-d2ab-j8bf-e7dx" }, { "vulnerability": "VCID-d6mk-hg8h-7qbc" }, { "vulnerability": "VCID-dpgz-dacm-sqg6" }, { "vulnerability": "VCID-dpm5-tmsy-2bez" }, { "vulnerability": "VCID-du16-f2wp-t3cw" }, { "vulnerability": "VCID-dur2-pfke-h7hf" }, { "vulnerability": "VCID-dx43-89w9-a7dg" }, { "vulnerability": "VCID-e7zd-dn28-4bf1" }, { "vulnerability": "VCID-e9zx-zy9y-2fcp" }, { "vulnerability": "VCID-eahe-s41f-ckc1" }, { "vulnerability": "VCID-egy6-nku7-zyap" }, { "vulnerability": "VCID-evth-swm9-k3de" }, { "vulnerability": "VCID-fyh6-gupt-eqgm" }, { "vulnerability": "VCID-fz5y-um7w-63f4" }, { "vulnerability": "VCID-fzam-yuyg-qyd5" }, { "vulnerability": "VCID-gedj-39p5-ubd6" }, { "vulnerability": "VCID-gxj9-a1hc-47de" }, { "vulnerability": "VCID-hbau-7tvg-cygz" }, { "vulnerability": "VCID-hd53-pxmk-ruap" }, { "vulnerability": "VCID-hfbb-ax6r-tbaz" }, { "vulnerability": "VCID-hh8a-mgkk-3yb5" }, { "vulnerability": "VCID-hq7k-qz7g-4bc2" }, { "vulnerability": "VCID-j124-q39m-mkby" }, { "vulnerability": "VCID-j5vp-2jrx-ukf4" }, { "vulnerability": "VCID-j6ss-8f4e-e7g2" }, { "vulnerability": "VCID-jhd5-tqph-3ufu" }, { "vulnerability": "VCID-kezx-5nw5-hfen" }, { "vulnerability": "VCID-kje4-asu6-dfg2" }, { "vulnerability": "VCID-kq4m-anrt-rugn" }, { "vulnerability": "VCID-kuzc-uv5b-v7an" }, { "vulnerability": "VCID-kxnm-y19k-mqg2" }, { "vulnerability": "VCID-kyvw-d4e8-1fd4" }, { "vulnerability": "VCID-m5z8-hz81-j7b7" }, { "vulnerability": "VCID-m83v-51cy-uqar" }, { "vulnerability": "VCID-mhvf-2keh-2qar" }, { "vulnerability": "VCID-mjb6-7au8-5fdx" }, { "vulnerability": "VCID-msac-ptqf-pyg1" }, { "vulnerability": "VCID-mtr5-suag-2bdj" }, { "vulnerability": "VCID-mzsj-dck5-pqc5" }, { "vulnerability": "VCID-ns8t-vtcn-aqh4" }, { "vulnerability": "VCID-p222-28c1-vfhy" }, { "vulnerability": "VCID-pxxm-ce8x-abdq" }, { "vulnerability": "VCID-qfw5-3tdu-x7g4" }, { "vulnerability": "VCID-qgpx-hgzu-5qgp" }, { "vulnerability": "VCID-qj4x-u7gx-9uf1" }, { "vulnerability": "VCID-qp7s-amch-v3cd" }, { "vulnerability": "VCID-qzqd-271b-ybfj" }, { "vulnerability": "VCID-r4bw-w4t9-23ek" }, { "vulnerability": "VCID-r7nh-arcj-8fb3" }, { "vulnerability": "VCID-rbjk-3gcs-2qb5" }, { "vulnerability": "VCID-rduw-apr6-4fdu" }, { "vulnerability": "VCID-re84-qg3k-3ub3" }, { "vulnerability": "VCID-rf6p-ct86-5bgz" }, { "vulnerability": "VCID-ruru-fwmn-5kes" }, { "vulnerability": "VCID-rxac-w9pd-aqe1" }, { "vulnerability": "VCID-s4bp-kzfu-8qfy" }, { "vulnerability": "VCID-s5e2-d6n8-kkbr" }, { "vulnerability": "VCID-scg7-ugdn-53b9" }, { "vulnerability": "VCID-shfz-pxan-v3ar" }, { "vulnerability": "VCID-te3b-exz5-zke1" }, { "vulnerability": "VCID-tvz9-8s4d-gbg6" }, { "vulnerability": "VCID-txb3-ez5r-r7ek" }, { "vulnerability": "VCID-ugyc-gehq-rudu" }, { "vulnerability": "VCID-upcj-z3c1-ubcf" }, { "vulnerability": "VCID-vcdk-gdky-7fdg" }, { "vulnerability": "VCID-vp8y-y64r-wkc9" }, { "vulnerability": "VCID-vu36-a1g1-nugt" }, { "vulnerability": "VCID-vx13-4b1d-wbgp" }, { "vulnerability": "VCID-w3zd-fezc-nuhd" }, { "vulnerability": "VCID-wjfe-wh5k-1qft" }, { "vulnerability": "VCID-ws6y-k3tx-r3gb" }, { "vulnerability": "VCID-wvyx-2bbb-9yf7" }, { "vulnerability": "VCID-x46d-a16g-nkg9" }, { "vulnerability": "VCID-xfvu-2zg4-ruf6" }, { "vulnerability": "VCID-xk5y-7a1w-zba9" }, { "vulnerability": "VCID-xsq8-ztqh-ubb8" }, { "vulnerability": "VCID-y1v3-9tyq-uqhd" }, { "vulnerability": "VCID-y4r1-yr69-uuf6" }, { "vulnerability": "VCID-y4u6-cy8y-hyae" }, { "vulnerability": "VCID-y7x4-664r-3fbk" }, { "vulnerability": "VCID-yuvf-e7hk-kqf9" }, { "vulnerability": "VCID-z2v2-n138-6ydv" }, { "vulnerability": "VCID-zdpz-8tc2-6kah" }, { "vulnerability": "VCID-zt9b-9sjx-7qb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/64406?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1jsp-392b-2fgb" }, { "vulnerability": "VCID-2h52-3pt6-dfcw" }, { "vulnerability": "VCID-2vsw-t8k2-4bfm" }, { "vulnerability": "VCID-3et4-3zad-1qfn" }, { "vulnerability": "VCID-3g5s-hryc-5qa9" }, { "vulnerability": "VCID-3zcy-b3th-ukhd" }, { "vulnerability": "VCID-4dae-vty8-b7hk" }, { "vulnerability": "VCID-525q-afzj-tkcp" }, { "vulnerability": "VCID-5gxr-xksz-5ydb" }, { "vulnerability": "VCID-5wfa-wpby-dke1" }, { "vulnerability": "VCID-6p6q-ctya-q3bv" }, { "vulnerability": "VCID-6t9w-cnkz-s3c3" }, { "vulnerability": "VCID-6tx4-wexr-fkbb" }, { "vulnerability": "VCID-7ewa-w75h-qfdy" }, { "vulnerability": "VCID-7hrm-jtbx-sqgm" }, { "vulnerability": "VCID-7pr7-uqp1-sugt" }, { "vulnerability": "VCID-7s3w-8dn6-jqh7" }, { "vulnerability": "VCID-7s74-rdkp-vyaf" }, { "vulnerability": "VCID-7s7e-adr6-h3dc" }, { "vulnerability": "VCID-8hx4-r8bb-n7ge" }, { "vulnerability": "VCID-8ky6-w2nk-9bds" }, { "vulnerability": "VCID-8msu-s38a-p7e3" }, { "vulnerability": "VCID-8shb-t5zp-rqbu" }, { "vulnerability": "VCID-9cc9-npdc-8bac" }, { "vulnerability": "VCID-9vrt-uccb-myev" }, { "vulnerability": "VCID-a8gs-ervm-e3hm" }, { "vulnerability": "VCID-a9b6-tenb-afdw" }, { "vulnerability": "VCID-agtm-nkhp-dkdn" }, { "vulnerability": "VCID-ayfe-5a7g-u7b7" }, { "vulnerability": "VCID-az2w-5xhy-5fe4" }, { "vulnerability": "VCID-b3cn-pjp3-4yhm" }, { "vulnerability": "VCID-b4jg-dj1a-9qd5" }, { "vulnerability": "VCID-b9ry-u6qy-j7cc" }, { "vulnerability": "VCID-bch8-kq49-skhm" }, { "vulnerability": "VCID-bera-73sm-bbh7" }, { "vulnerability": "VCID-bkpz-ratd-e7ab" }, { "vulnerability": "VCID-bzyh-c5tm-j7dn" }, { "vulnerability": "VCID-cc8x-6es1-8kc5" }, { "vulnerability": "VCID-ccx1-qacj-2qev" }, { "vulnerability": "VCID-cgwk-hn4t-n7c1" }, { "vulnerability": "VCID-cm2a-1yc5-v3cy" }, { "vulnerability": "VCID-cqjn-3z6n-sff1" }, { "vulnerability": "VCID-d2ab-j8bf-e7dx" }, { "vulnerability": "VCID-d6mk-hg8h-7qbc" }, { "vulnerability": "VCID-dpgz-dacm-sqg6" }, { "vulnerability": "VCID-du16-f2wp-t3cw" }, { "vulnerability": "VCID-dur2-pfke-h7hf" }, { "vulnerability": "VCID-dx43-89w9-a7dg" }, { "vulnerability": "VCID-e7zd-dn28-4bf1" }, { "vulnerability": "VCID-e9zx-zy9y-2fcp" }, { "vulnerability": "VCID-eahe-s41f-ckc1" }, { "vulnerability": "VCID-egy6-nku7-zyap" }, { "vulnerability": "VCID-evth-swm9-k3de" }, { "vulnerability": "VCID-eygc-ra9u-gyej" }, { "vulnerability": "VCID-fz5y-um7w-63f4" }, { "vulnerability": "VCID-fzam-yuyg-qyd5" }, { "vulnerability": "VCID-gedj-39p5-ubd6" }, { "vulnerability": "VCID-gxj9-a1hc-47de" }, { "vulnerability": "VCID-hbau-7tvg-cygz" }, { "vulnerability": "VCID-hd53-pxmk-ruap" }, { "vulnerability": "VCID-hfbb-ax6r-tbaz" }, { "vulnerability": "VCID-hh8a-mgkk-3yb5" }, { "vulnerability": "VCID-j124-q39m-mkby" }, { "vulnerability": "VCID-j5vp-2jrx-ukf4" }, { "vulnerability": "VCID-j6ss-8f4e-e7g2" }, { "vulnerability": "VCID-jhd5-tqph-3ufu" }, { "vulnerability": "VCID-kezx-5nw5-hfen" }, { "vulnerability": "VCID-kje4-asu6-dfg2" }, { "vulnerability": "VCID-kq4m-anrt-rugn" }, { "vulnerability": "VCID-kuzc-uv5b-v7an" }, { "vulnerability": "VCID-kxnm-y19k-mqg2" }, { "vulnerability": "VCID-m5z8-hz81-j7b7" }, { "vulnerability": "VCID-m83v-51cy-uqar" }, { "vulnerability": "VCID-md7v-w5aq-t7h1" }, { "vulnerability": "VCID-mhvf-2keh-2qar" }, { "vulnerability": "VCID-mjb6-7au8-5fdx" }, { "vulnerability": "VCID-msac-ptqf-pyg1" }, { "vulnerability": "VCID-mtr5-suag-2bdj" }, { "vulnerability": "VCID-ns8t-vtcn-aqh4" }, { "vulnerability": "VCID-p222-28c1-vfhy" }, { "vulnerability": "VCID-qfw5-3tdu-x7g4" }, { "vulnerability": "VCID-qgpx-hgzu-5qgp" }, { "vulnerability": "VCID-qj4x-u7gx-9uf1" }, { "vulnerability": "VCID-qp7s-amch-v3cd" }, { "vulnerability": "VCID-qzqd-271b-ybfj" }, { "vulnerability": "VCID-r4bw-w4t9-23ek" }, { "vulnerability": "VCID-r7nh-arcj-8fb3" }, { "vulnerability": "VCID-rbjk-3gcs-2qb5" }, { "vulnerability": "VCID-rduw-apr6-4fdu" }, { "vulnerability": "VCID-re84-qg3k-3ub3" }, { "vulnerability": "VCID-rf6p-ct86-5bgz" }, { "vulnerability": "VCID-ruru-fwmn-5kes" }, { "vulnerability": "VCID-rxac-w9pd-aqe1" }, { "vulnerability": "VCID-s4bp-kzfu-8qfy" }, { "vulnerability": "VCID-s5e2-d6n8-kkbr" }, { "vulnerability": "VCID-scg7-ugdn-53b9" }, { "vulnerability": "VCID-shfz-pxan-v3ar" }, { "vulnerability": "VCID-tc3m-4bkg-qkcf" }, { "vulnerability": "VCID-te3b-exz5-zke1" }, { "vulnerability": "VCID-tvz9-8s4d-gbg6" }, { "vulnerability": "VCID-txb3-ez5r-r7ek" }, { "vulnerability": "VCID-tzug-ckkn-dyft" }, { "vulnerability": "VCID-ugyc-gehq-rudu" }, { "vulnerability": "VCID-upcj-z3c1-ubcf" }, { "vulnerability": "VCID-vu36-a1g1-nugt" }, { "vulnerability": "VCID-vx13-4b1d-wbgp" }, { "vulnerability": "VCID-w3zd-fezc-nuhd" }, { "vulnerability": "VCID-wjfe-wh5k-1qft" }, { "vulnerability": "VCID-ws6y-k3tx-r3gb" }, { "vulnerability": "VCID-wvyx-2bbb-9yf7" }, { "vulnerability": "VCID-wzu6-rbsv-mkde" }, { "vulnerability": "VCID-x46d-a16g-nkg9" }, { "vulnerability": "VCID-xfvu-2zg4-ruf6" }, { "vulnerability": "VCID-xk5y-7a1w-zba9" }, { "vulnerability": "VCID-xsq8-ztqh-ubb8" }, { "vulnerability": "VCID-y1v3-9tyq-uqhd" }, { "vulnerability": "VCID-y4r1-yr69-uuf6" }, { "vulnerability": "VCID-y4u6-cy8y-hyae" }, { "vulnerability": "VCID-y7x4-664r-3fbk" }, { "vulnerability": "VCID-yuvf-e7hk-kqf9" }, { "vulnerability": "VCID-z2v2-n138-6ydv" }, { "vulnerability": "VCID-zdpz-8tc2-6kah" }, { "vulnerability": "VCID-zt9b-9sjx-7qb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57760?format=api", "purl": "pkg:composer/magento/community-edition@2.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1dxu-63w5-ekgu" }, { "vulnerability": "VCID-1eda-g39a-pbbc" }, { "vulnerability": "VCID-1j1n-6t6c-5fh9" }, { "vulnerability": "VCID-1k4q-2ttb-13hd" }, { "vulnerability": "VCID-1rqu-rabn-s3hx" }, { "vulnerability": "VCID-1vw9-9rmg-ekdz" }, { "vulnerability": "VCID-3he2-uctk-kucj" }, { "vulnerability": "VCID-3qx6-ag5g-8kh3" }, { "vulnerability": "VCID-451v-uuw6-t3cb" }, { "vulnerability": "VCID-4dpd-v3e4-6yaz" }, { "vulnerability": "VCID-4dpj-5zh4-4fgv" }, { "vulnerability": "VCID-4rgk-9g8x-9ba9" }, { "vulnerability": "VCID-4yh7-33rp-57g6" }, { "vulnerability": "VCID-5jn6-gjtc-hkcv" }, { "vulnerability": "VCID-5ppd-jm8d-97eh" }, { "vulnerability": "VCID-5t4k-dsf1-6yew" }, { "vulnerability": "VCID-647f-etpr-7yh2" }, { "vulnerability": "VCID-6x2s-f7fh-4yac" }, { "vulnerability": "VCID-71y6-hqhb-hqbz" }, { "vulnerability": "VCID-7e2t-x8vb-b7gu" }, { "vulnerability": "VCID-7h8f-y39q-9bgm" }, { "vulnerability": "VCID-7ww7-eexc-xfg5" }, { "vulnerability": "VCID-87ka-etbj-pfen" }, { "vulnerability": "VCID-8df7-bj7e-kqct" }, { "vulnerability": "VCID-8dk7-9x9f-nyce" }, { "vulnerability": "VCID-8dq1-mm7t-juge" }, { "vulnerability": "VCID-91q6-y9ng-k7hm" }, { "vulnerability": "VCID-98d9-mz52-r3df" }, { "vulnerability": "VCID-99yr-h8p6-pqek" }, { "vulnerability": "VCID-9aex-gkrp-jfds" }, { "vulnerability": "VCID-9gtb-vdpa-kudt" }, { "vulnerability": "VCID-9hzp-v5v4-g7d2" }, { "vulnerability": "VCID-9ukj-86yg-jqf8" }, { "vulnerability": "VCID-a5rz-y1hu-ubc6" }, { "vulnerability": "VCID-a83s-fwca-y7dk" }, { "vulnerability": "VCID-acgj-j9vr-13gu" }, { "vulnerability": "VCID-aqaj-qs9w-jkdd" }, { "vulnerability": "VCID-auav-unvj-jye2" }, { "vulnerability": "VCID-b2jc-f6dt-h7bh" }, { "vulnerability": "VCID-bc4n-g7zu-k3a3" }, { "vulnerability": "VCID-bsqw-1ywb-cydm" }, { "vulnerability": "VCID-bwfu-ab1x-eua9" }, { "vulnerability": "VCID-bxjk-uma4-auc9" }, { "vulnerability": "VCID-c1zp-x19b-2ycy" }, { "vulnerability": "VCID-c4ms-3und-c7d1" }, { "vulnerability": "VCID-c6xs-xkhj-vbg6" }, { "vulnerability": "VCID-cb4v-2t8g-abbg" }, { "vulnerability": "VCID-cmbh-d4y2-3fb4" }, { "vulnerability": "VCID-cp21-cydp-suf8" }, { "vulnerability": "VCID-cw2n-d2g1-hbft" }, { "vulnerability": "VCID-d2uj-57bk-tfft" }, { "vulnerability": "VCID-d683-e29k-4bec" }, { "vulnerability": "VCID-dax5-k254-ffbc" }, { "vulnerability": "VCID-dh2p-qqbr-hkh4" }, { "vulnerability": "VCID-dqkx-knjf-47hh" }, { "vulnerability": "VCID-dvjb-gn4a-afhq" }, { "vulnerability": "VCID-dw3y-c8xc-vbg5" }, { "vulnerability": "VCID-e13p-7zwb-m3ft" }, { "vulnerability": "VCID-e7k8-hmqe-wufh" }, { "vulnerability": "VCID-ekzx-3a5n-cqed" }, { "vulnerability": "VCID-emhr-qdz8-gqfs" }, { "vulnerability": "VCID-ey9c-aqu3-qqcj" }, { "vulnerability": "VCID-eyfh-jns6-vke5" }, { "vulnerability": "VCID-f5ef-53gt-nbcu" }, { "vulnerability": "VCID-fgqe-h7ey-33bd" }, { "vulnerability": "VCID-fn46-hk9u-dfhh" }, { "vulnerability": "VCID-fy6c-nycw-b3a9" }, { "vulnerability": "VCID-g8k7-agvs-ubbz" }, { "vulnerability": "VCID-g9uk-4dfd-muh4" }, { "vulnerability": "VCID-gdn6-jk9k-s3aj" }, { "vulnerability": "VCID-gjt4-tnet-6fck" }, { "vulnerability": "VCID-gm81-x6qm-xbat" }, { "vulnerability": "VCID-gred-dby6-bfhn" }, { "vulnerability": "VCID-grhh-gm6j-p7ht" }, { "vulnerability": "VCID-h4nn-2mrj-g3ds" }, { "vulnerability": "VCID-h5v9-wwkg-kfcj" }, { "vulnerability": "VCID-h64s-51sc-huga" }, { "vulnerability": "VCID-hm1k-1xfy-6fh8" }, { "vulnerability": "VCID-hn49-n9xr-k7c7" }, { "vulnerability": "VCID-hq7k-qz7g-4bc2" }, { "vulnerability": "VCID-hr26-efy6-77dy" }, { "vulnerability": "VCID-hufp-fajk-n7gu" }, { "vulnerability": "VCID-jjbr-mu9r-1bdh" }, { "vulnerability": "VCID-jw7d-ms7b-wbfv" }, { "vulnerability": "VCID-jyup-mxz2-97b4" }, { "vulnerability": "VCID-k7ej-dq8t-33df" }, { "vulnerability": "VCID-k8jy-nckd-vkde" }, { "vulnerability": "VCID-kfap-f6db-n3am" }, { "vulnerability": "VCID-kjp9-9vag-vqhs" }, { "vulnerability": "VCID-kyvw-d4e8-1fd4" }, { "vulnerability": "VCID-m1yj-gxwk-4kfs" }, { "vulnerability": "VCID-m82s-7bj5-pff2" }, { "vulnerability": "VCID-md2p-6h7w-m7fy" }, { "vulnerability": "VCID-mjqm-5xy8-9ya9" }, { "vulnerability": "VCID-mp31-hycm-xbgz" }, { "vulnerability": "VCID-mrx5-dbah-guf8" }, { "vulnerability": "VCID-mszv-cfc2-fkhj" }, { "vulnerability": "VCID-myht-j19s-abbb" }, { "vulnerability": "VCID-mzsj-dck5-pqc5" }, { "vulnerability": "VCID-n3kv-6gdp-qugd" }, { "vulnerability": "VCID-n5zn-qvwh-ubd3" }, { "vulnerability": "VCID-n6jb-4vkn-f7d2" }, { "vulnerability": "VCID-n6n4-ycz2-9fgq" }, { "vulnerability": "VCID-ne2q-15ey-pbca" }, { "vulnerability": "VCID-nf6t-99ep-w3dy" }, { "vulnerability": "VCID-nhc5-t9tn-bucd" }, { "vulnerability": "VCID-p5qc-n3pr-k3cb" }, { "vulnerability": "VCID-pd4m-tn9x-8kee" }, { "vulnerability": "VCID-pft7-2w44-2qh1" }, { "vulnerability": "VCID-ph2b-sfdj-tygn" }, { "vulnerability": "VCID-ppfq-253d-gyhw" }, { "vulnerability": "VCID-pt9w-m9fq-wbah" }, { "vulnerability": "VCID-pv8p-4ac3-kygw" }, { "vulnerability": "VCID-px1s-dzpe-qbfx" }, { "vulnerability": "VCID-pxxm-ce8x-abdq" }, { "vulnerability": "VCID-q222-hs3g-jycr" }, { "vulnerability": "VCID-q7b5-atru-dbbm" }, { "vulnerability": "VCID-qcbx-aq4x-9far" }, { "vulnerability": "VCID-qr9t-ckvn-8uby" }, { "vulnerability": "VCID-qs9v-afgj-7bb3" }, { "vulnerability": "VCID-qwnb-6eb9-4ucf" }, { "vulnerability": "VCID-qx68-8xvf-a7hy" }, { "vulnerability": "VCID-qxrc-8wng-afda" }, { "vulnerability": "VCID-r9vd-3wxe-t3et" }, { "vulnerability": "VCID-rvkp-5uvf-73h8" }, { "vulnerability": "VCID-rwg6-wg1f-bka2" }, { "vulnerability": "VCID-s4dx-4hat-jfca" }, { "vulnerability": "VCID-spjd-9z79-jueh" }, { "vulnerability": "VCID-tcry-6ya3-73b3" }, { "vulnerability": "VCID-tdg3-1dcq-ekgr" }, { "vulnerability": "VCID-tme1-k9t9-2qbb" }, { "vulnerability": "VCID-tuw6-hdbp-yqb2" }, { "vulnerability": "VCID-tw3n-nq5e-ukg1" }, { "vulnerability": "VCID-u1uw-9c7f-jfgn" }, { "vulnerability": "VCID-u3xf-g31z-h3bn" }, { "vulnerability": "VCID-ugug-4yz4-7kgc" }, { "vulnerability": "VCID-upfh-zv37-ruhb" }, { "vulnerability": "VCID-uw26-78xp-hben" }, { "vulnerability": "VCID-uwnu-vhsb-g3bj" }, { "vulnerability": "VCID-v9mz-up25-cych" }, { "vulnerability": "VCID-vcdk-gdky-7fdg" }, { "vulnerability": "VCID-vf6u-35k7-vucs" }, { "vulnerability": "VCID-vp8y-y64r-wkc9" }, { "vulnerability": "VCID-vqqj-z31y-qfcr" }, { "vulnerability": "VCID-wcnq-dgb5-1yh2" }, { "vulnerability": "VCID-wcz3-j28f-gfek" }, { "vulnerability": "VCID-wfma-kt7g-dkbu" }, { "vulnerability": "VCID-whxq-jq76-mbcp" }, { "vulnerability": "VCID-wkhs-89a4-x3dq" }, { "vulnerability": "VCID-wsz3-ucbw-tkbw" }, { "vulnerability": "VCID-wyv2-15dp-8udp" }, { "vulnerability": "VCID-wzcg-wnnq-uudu" }, { "vulnerability": "VCID-x1xg-sy2w-h7hy" }, { "vulnerability": "VCID-xdsv-nbjf-1qbu" }, { "vulnerability": "VCID-xrgt-rdg1-3kc2" }, { "vulnerability": "VCID-xzxz-hs8y-93bf" }, { "vulnerability": "VCID-y2ze-pnbz-g7eg" }, { "vulnerability": "VCID-ya5v-gewx-gudt" }, { "vulnerability": "VCID-yt2x-914b-27dz" }, { "vulnerability": "VCID-yvcy-4e8m-p3b8" }, { "vulnerability": "VCID-yzq8-6bnc-byf9" }, { "vulnerability": "VCID-z58v-fmp4-n3dh" }, { "vulnerability": "VCID-z7t9-t3q2-pycf" }, { "vulnerability": "VCID-z91k-1zwf-pbc3" }, { "vulnerability": "VCID-zabm-9s5c-1bac" }, { "vulnerability": "VCID-zgyj-4zuz-wkev" }, { "vulnerability": "VCID-zubf-dqv7-xkf3" }, { "vulnerability": "VCID-zx6g-p961-e3bt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/60732?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b6m-qfes-mqab" }, { "vulnerability": "VCID-1k4q-2ttb-13hd" }, { "vulnerability": "VCID-6wdt-8fbe-hkbe" }, { "vulnerability": "VCID-8ape-agd1-s7hf" }, { "vulnerability": "VCID-apue-gaqy-n3cq" }, { "vulnerability": "VCID-c4ms-3und-c7d1" }, { "vulnerability": "VCID-c4mx-9727-nfgs" }, { "vulnerability": "VCID-cae3-fgn1-83hu" }, { "vulnerability": "VCID-dpm5-tmsy-2bez" }, { "vulnerability": "VCID-dqkx-knjf-47hh" }, { "vulnerability": "VCID-e7k8-hmqe-wufh" }, { "vulnerability": "VCID-ed87-d3y2-wfck" }, { "vulnerability": "VCID-fgqe-h7ey-33bd" }, { "vulnerability": "VCID-gyj5-abau-uyf6" }, { "vulnerability": "VCID-h4nn-2mrj-g3ds" }, { "vulnerability": "VCID-h64s-51sc-huga" }, { "vulnerability": "VCID-hq7k-qz7g-4bc2" }, { "vulnerability": "VCID-hufp-fajk-n7gu" }, { "vulnerability": "VCID-j77a-cqsd-wuf1" }, { "vulnerability": "VCID-jmhs-9u49-ekbj" }, { "vulnerability": "VCID-kyvw-d4e8-1fd4" }, { "vulnerability": "VCID-mtes-xpe5-qkdj" }, { "vulnerability": "VCID-mzsj-dck5-pqc5" }, { "vulnerability": "VCID-nm39-k1su-yyep" }, { "vulnerability": "VCID-px1s-dzpe-qbfx" }, { "vulnerability": "VCID-pxxm-ce8x-abdq" }, { "vulnerability": "VCID-q4yr-fqww-tbb1" }, { "vulnerability": "VCID-qq42-4zzt-3kh2" }, { "vulnerability": "VCID-qx68-8xvf-a7hy" }, { "vulnerability": "VCID-sd6n-a9mk-aufb" }, { "vulnerability": "VCID-spjd-9z79-jueh" }, { "vulnerability": "VCID-u2hc-27c2-1udc" }, { "vulnerability": "VCID-vcdk-gdky-7fdg" }, { "vulnerability": "VCID-ve4u-d5rz-wyab" }, { "vulnerability": "VCID-vp8y-y64r-wkc9" }, { "vulnerability": "VCID-w4uu-k7nk-a7hr" }, { "vulnerability": "VCID-wbt5-q9qd-8kby" }, { "vulnerability": "VCID-xbhh-m11c-gkeu" }, { "vulnerability": "VCID-yvcy-4e8m-p3b8" }, { "vulnerability": "VCID-zkkk-5q62-ubca" }, { "vulnerability": "VCID-zubf-dqv7-xkf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/64404?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2h52-3pt6-dfcw" }, { "vulnerability": "VCID-2vsw-t8k2-4bfm" }, { "vulnerability": "VCID-3et4-3zad-1qfn" }, { "vulnerability": "VCID-3zcy-b3th-ukhd" }, { "vulnerability": "VCID-525q-afzj-tkcp" }, { "vulnerability": "VCID-5gxr-xksz-5ydb" }, { "vulnerability": "VCID-5wfa-wpby-dke1" }, { "vulnerability": "VCID-6t9w-cnkz-s3c3" }, { "vulnerability": "VCID-6tx4-wexr-fkbb" }, { "vulnerability": "VCID-7ewa-w75h-qfdy" }, { "vulnerability": "VCID-7hrm-jtbx-sqgm" }, { "vulnerability": "VCID-7pr7-uqp1-sugt" }, { "vulnerability": "VCID-7s3w-8dn6-jqh7" }, { "vulnerability": "VCID-7s7e-adr6-h3dc" }, { "vulnerability": "VCID-8hx4-r8bb-n7ge" }, { "vulnerability": "VCID-8ky6-w2nk-9bds" }, { "vulnerability": "VCID-8msu-s38a-p7e3" }, { "vulnerability": "VCID-8shb-t5zp-rqbu" }, { "vulnerability": "VCID-9cc9-npdc-8bac" }, { "vulnerability": "VCID-9vrt-uccb-myev" }, { "vulnerability": "VCID-a8gs-ervm-e3hm" }, { "vulnerability": "VCID-a9b6-tenb-afdw" }, { "vulnerability": "VCID-agtm-nkhp-dkdn" }, { "vulnerability": "VCID-ayfe-5a7g-u7b7" }, { "vulnerability": "VCID-az2w-5xhy-5fe4" }, { "vulnerability": "VCID-b3cn-pjp3-4yhm" }, { "vulnerability": "VCID-b4jg-dj1a-9qd5" }, { "vulnerability": "VCID-b9ry-u6qy-j7cc" }, { "vulnerability": "VCID-bch8-kq49-skhm" }, { "vulnerability": "VCID-bera-73sm-bbh7" }, { "vulnerability": "VCID-bkpz-ratd-e7ab" }, { "vulnerability": "VCID-bzyh-c5tm-j7dn" }, { "vulnerability": "VCID-c4ms-3und-c7d1" }, { "vulnerability": "VCID-cc8x-6es1-8kc5" }, { "vulnerability": "VCID-cgwk-hn4t-n7c1" }, { "vulnerability": "VCID-cqjn-3z6n-sff1" }, { "vulnerability": "VCID-d2ab-j8bf-e7dx" }, { "vulnerability": "VCID-d6mk-hg8h-7qbc" }, { "vulnerability": "VCID-dpgz-dacm-sqg6" }, { "vulnerability": "VCID-dpm5-tmsy-2bez" }, { "vulnerability": "VCID-du16-f2wp-t3cw" }, { "vulnerability": "VCID-dur2-pfke-h7hf" }, { "vulnerability": "VCID-dx43-89w9-a7dg" }, { "vulnerability": "VCID-e7zd-dn28-4bf1" }, { "vulnerability": "VCID-e9zx-zy9y-2fcp" }, { "vulnerability": "VCID-eahe-s41f-ckc1" }, { "vulnerability": "VCID-egy6-nku7-zyap" }, { "vulnerability": "VCID-evth-swm9-k3de" }, { "vulnerability": "VCID-fyh6-gupt-eqgm" }, { "vulnerability": "VCID-fz5y-um7w-63f4" }, { "vulnerability": "VCID-fzam-yuyg-qyd5" }, { "vulnerability": "VCID-gedj-39p5-ubd6" }, { "vulnerability": "VCID-gxj9-a1hc-47de" }, { "vulnerability": "VCID-hbau-7tvg-cygz" }, { "vulnerability": "VCID-hd53-pxmk-ruap" }, { "vulnerability": "VCID-hfbb-ax6r-tbaz" }, { "vulnerability": "VCID-hh8a-mgkk-3yb5" }, { "vulnerability": "VCID-hq7k-qz7g-4bc2" }, { "vulnerability": "VCID-j124-q39m-mkby" }, { "vulnerability": "VCID-j5vp-2jrx-ukf4" }, { "vulnerability": "VCID-j6ss-8f4e-e7g2" }, { "vulnerability": "VCID-jhd5-tqph-3ufu" }, { "vulnerability": "VCID-kezx-5nw5-hfen" }, { "vulnerability": "VCID-kje4-asu6-dfg2" }, { "vulnerability": "VCID-kq4m-anrt-rugn" }, { "vulnerability": "VCID-kuzc-uv5b-v7an" }, { "vulnerability": "VCID-kxnm-y19k-mqg2" }, { "vulnerability": "VCID-kyvw-d4e8-1fd4" }, { "vulnerability": "VCID-m5z8-hz81-j7b7" }, { "vulnerability": "VCID-m83v-51cy-uqar" }, { "vulnerability": "VCID-mhvf-2keh-2qar" }, { "vulnerability": "VCID-mjb6-7au8-5fdx" }, { "vulnerability": "VCID-msac-ptqf-pyg1" }, { "vulnerability": "VCID-mtr5-suag-2bdj" }, { "vulnerability": "VCID-mzsj-dck5-pqc5" }, { "vulnerability": "VCID-ns8t-vtcn-aqh4" }, { "vulnerability": "VCID-p222-28c1-vfhy" }, { "vulnerability": "VCID-pxxm-ce8x-abdq" }, { "vulnerability": "VCID-qfw5-3tdu-x7g4" }, { "vulnerability": "VCID-qgpx-hgzu-5qgp" }, { "vulnerability": "VCID-qj4x-u7gx-9uf1" }, { "vulnerability": "VCID-qp7s-amch-v3cd" }, { "vulnerability": "VCID-qzqd-271b-ybfj" }, { "vulnerability": "VCID-r4bw-w4t9-23ek" }, { "vulnerability": "VCID-r7nh-arcj-8fb3" }, { "vulnerability": "VCID-rbjk-3gcs-2qb5" }, { "vulnerability": "VCID-rduw-apr6-4fdu" }, { "vulnerability": "VCID-re84-qg3k-3ub3" }, { "vulnerability": "VCID-rf6p-ct86-5bgz" }, { "vulnerability": "VCID-ruru-fwmn-5kes" }, { "vulnerability": "VCID-rxac-w9pd-aqe1" }, { "vulnerability": "VCID-s4bp-kzfu-8qfy" }, { "vulnerability": "VCID-s5e2-d6n8-kkbr" }, { "vulnerability": "VCID-scg7-ugdn-53b9" }, { "vulnerability": "VCID-shfz-pxan-v3ar" }, { "vulnerability": "VCID-te3b-exz5-zke1" }, { "vulnerability": "VCID-tvz9-8s4d-gbg6" }, { "vulnerability": "VCID-txb3-ez5r-r7ek" }, { "vulnerability": "VCID-ugyc-gehq-rudu" }, { "vulnerability": "VCID-upcj-z3c1-ubcf" }, { "vulnerability": "VCID-vcdk-gdky-7fdg" }, { "vulnerability": "VCID-vp8y-y64r-wkc9" }, { "vulnerability": "VCID-vu36-a1g1-nugt" }, { "vulnerability": "VCID-vx13-4b1d-wbgp" }, { "vulnerability": "VCID-w3zd-fezc-nuhd" }, { "vulnerability": "VCID-wjfe-wh5k-1qft" }, { "vulnerability": "VCID-ws6y-k3tx-r3gb" }, { "vulnerability": "VCID-wvyx-2bbb-9yf7" }, { "vulnerability": "VCID-x46d-a16g-nkg9" }, { "vulnerability": "VCID-xfvu-2zg4-ruf6" }, { "vulnerability": "VCID-xk5y-7a1w-zba9" }, { "vulnerability": "VCID-xsq8-ztqh-ubb8" }, { "vulnerability": "VCID-y1v3-9tyq-uqhd" }, { "vulnerability": "VCID-y4r1-yr69-uuf6" }, { "vulnerability": "VCID-y4u6-cy8y-hyae" }, { "vulnerability": "VCID-y7x4-664r-3fbk" }, { "vulnerability": "VCID-yuvf-e7hk-kqf9" }, { "vulnerability": "VCID-z2v2-n138-6ydv" }, { "vulnerability": "VCID-zdpz-8tc2-6kah" }, { "vulnerability": "VCID-zt9b-9sjx-7qb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.6986", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.6982", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34254" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523" }, { "reference_url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa" }, { "reference_url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:06Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb22-38.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34254", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34254" }, { "reference_url": "https://github.com/advisories/GHSA-fx9g-g9q6-x3jx", "reference_id": "GHSA-fx9g-g9q6-x3jx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fx9g-g9q6-x3jx" } ], "weaknesses": [ { "cwe_id": 22, "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "description": "The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hq7k-qz7g-4bc2" }