Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/44758?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44758?format=api", "vulnerability_id": "VCID-d2ab-j8bf-e7dx", "summary": "Magento Open Source allows XML Injection\nAdobe Commerce versions 2.4.4-p2 (and earlier) and 2.4.5-p1 (and earlier) are affected by an XML Injection vulnerability that could lead to arbitrary file system read. An unauthenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.", "aliases": [ { "alias": "CVE-2023-22247" }, { "alias": "GHSA-2444-8gj8-6fmx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/64408?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/64407?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/64403?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2h52-3pt6-dfcw" }, { "vulnerability": "VCID-3et4-3zad-1qfn" }, { "vulnerability": "VCID-525q-afzj-tkcp" }, { "vulnerability": "VCID-5wfa-wpby-dke1" }, { "vulnerability": "VCID-6t9w-cnkz-s3c3" }, { "vulnerability": "VCID-7ewa-w75h-qfdy" }, { "vulnerability": "VCID-7hrm-jtbx-sqgm" }, { "vulnerability": "VCID-7s7e-adr6-h3dc" }, { "vulnerability": "VCID-8msu-s38a-p7e3" }, { "vulnerability": "VCID-9cc9-npdc-8bac" }, { "vulnerability": "VCID-a8gs-ervm-e3hm" }, { "vulnerability": "VCID-agtm-nkhp-dkdn" }, { "vulnerability": "VCID-az2w-5xhy-5fe4" }, { "vulnerability": "VCID-b4jg-dj1a-9qd5" }, { "vulnerability": "VCID-cc8x-6es1-8kc5" }, { "vulnerability": "VCID-cgwk-hn4t-n7c1" }, { "vulnerability": "VCID-d2ab-j8bf-e7dx" }, { "vulnerability": "VCID-dpgz-dacm-sqg6" }, { "vulnerability": "VCID-dx43-89w9-a7dg" }, { "vulnerability": "VCID-e9zx-zy9y-2fcp" }, { "vulnerability": "VCID-fzam-yuyg-qyd5" }, { "vulnerability": "VCID-hh8a-mgkk-3yb5" }, { "vulnerability": "VCID-j124-q39m-mkby" }, { "vulnerability": "VCID-j5vp-2jrx-ukf4" }, { "vulnerability": "VCID-jhd5-tqph-3ufu" }, { "vulnerability": "VCID-kxnm-y19k-mqg2" }, { "vulnerability": "VCID-m5z8-hz81-j7b7" }, { "vulnerability": "VCID-m83v-51cy-uqar" }, { "vulnerability": "VCID-msac-ptqf-pyg1" }, { "vulnerability": "VCID-mtr5-suag-2bdj" }, { "vulnerability": "VCID-p222-28c1-vfhy" }, { "vulnerability": "VCID-qfw5-3tdu-x7g4" }, { "vulnerability": "VCID-qj4x-u7gx-9uf1" }, { "vulnerability": "VCID-r7nh-arcj-8fb3" }, { "vulnerability": "VCID-rbjk-3gcs-2qb5" }, { "vulnerability": "VCID-rf6p-ct86-5bgz" }, { "vulnerability": "VCID-ruru-fwmn-5kes" }, { "vulnerability": "VCID-s5e2-d6n8-kkbr" }, { "vulnerability": "VCID-upcj-z3c1-ubcf" }, { "vulnerability": "VCID-w3zd-fezc-nuhd" }, { "vulnerability": "VCID-wjfe-wh5k-1qft" }, { "vulnerability": "VCID-ws6y-k3tx-r3gb" }, { "vulnerability": "VCID-x46d-a16g-nkg9" }, { "vulnerability": "VCID-y4r1-yr69-uuf6" }, { "vulnerability": "VCID-yuvf-e7hk-kqf9" }, { "vulnerability": "VCID-zt9b-9sjx-7qb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/64404?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2h52-3pt6-dfcw" }, { "vulnerability": "VCID-2vsw-t8k2-4bfm" }, { "vulnerability": "VCID-3et4-3zad-1qfn" }, { "vulnerability": "VCID-3zcy-b3th-ukhd" }, { "vulnerability": "VCID-525q-afzj-tkcp" }, { "vulnerability": "VCID-5gxr-xksz-5ydb" }, { "vulnerability": "VCID-6t9w-cnkz-s3c3" }, { "vulnerability": "VCID-6tx4-wexr-fkbb" }, { "vulnerability": "VCID-7ewa-w75h-qfdy" }, { "vulnerability": "VCID-7hrm-jtbx-sqgm" }, { "vulnerability": "VCID-7pr7-uqp1-sugt" }, { "vulnerability": "VCID-7s3w-8dn6-jqh7" }, { "vulnerability": "VCID-7s7e-adr6-h3dc" }, { "vulnerability": "VCID-8hx4-r8bb-n7ge" }, { "vulnerability": "VCID-8ky6-w2nk-9bds" }, { "vulnerability": "VCID-8msu-s38a-p7e3" }, { "vulnerability": "VCID-8shb-t5zp-rqbu" }, { "vulnerability": "VCID-9cc9-npdc-8bac" }, { "vulnerability": "VCID-9vrt-uccb-myev" }, { "vulnerability": "VCID-a8gs-ervm-e3hm" }, { "vulnerability": "VCID-a9b6-tenb-afdw" }, { "vulnerability": "VCID-agtm-nkhp-dkdn" }, { "vulnerability": "VCID-ayfe-5a7g-u7b7" }, { "vulnerability": "VCID-az2w-5xhy-5fe4" }, { "vulnerability": "VCID-b3cn-pjp3-4yhm" }, { "vulnerability": "VCID-b4jg-dj1a-9qd5" }, { "vulnerability": "VCID-b9ry-u6qy-j7cc" }, { "vulnerability": "VCID-bch8-kq49-skhm" }, { "vulnerability": "VCID-bera-73sm-bbh7" }, { "vulnerability": "VCID-bkpz-ratd-e7ab" }, { "vulnerability": "VCID-bzyh-c5tm-j7dn" }, { "vulnerability": "VCID-cc8x-6es1-8kc5" }, { "vulnerability": "VCID-cgwk-hn4t-n7c1" }, { "vulnerability": "VCID-cqjn-3z6n-sff1" }, { "vulnerability": "VCID-d2ab-j8bf-e7dx" }, { "vulnerability": "VCID-d6mk-hg8h-7qbc" }, { "vulnerability": "VCID-dpgz-dacm-sqg6" }, { "vulnerability": "VCID-dpm5-tmsy-2bez" }, { "vulnerability": "VCID-du16-f2wp-t3cw" }, { "vulnerability": "VCID-dur2-pfke-h7hf" }, { "vulnerability": "VCID-dx43-89w9-a7dg" }, { "vulnerability": "VCID-e7zd-dn28-4bf1" }, { "vulnerability": "VCID-e9zx-zy9y-2fcp" }, { "vulnerability": "VCID-eahe-s41f-ckc1" }, { "vulnerability": "VCID-egy6-nku7-zyap" }, { "vulnerability": "VCID-evth-swm9-k3de" }, { "vulnerability": "VCID-fz5y-um7w-63f4" }, { "vulnerability": "VCID-fzam-yuyg-qyd5" }, { "vulnerability": "VCID-gedj-39p5-ubd6" }, { "vulnerability": "VCID-gxj9-a1hc-47de" }, { "vulnerability": "VCID-hbau-7tvg-cygz" }, { "vulnerability": "VCID-hfbb-ax6r-tbaz" }, { "vulnerability": "VCID-hh8a-mgkk-3yb5" }, { "vulnerability": "VCID-hq7k-qz7g-4bc2" }, { "vulnerability": "VCID-j124-q39m-mkby" }, { "vulnerability": "VCID-j5vp-2jrx-ukf4" }, { "vulnerability": "VCID-j6ss-8f4e-e7g2" }, { "vulnerability": "VCID-jhd5-tqph-3ufu" }, { "vulnerability": "VCID-kezx-5nw5-hfen" }, { "vulnerability": "VCID-kje4-asu6-dfg2" }, { "vulnerability": "VCID-kq4m-anrt-rugn" }, { "vulnerability": "VCID-kuzc-uv5b-v7an" }, { "vulnerability": "VCID-kxnm-y19k-mqg2" }, { "vulnerability": "VCID-m5z8-hz81-j7b7" }, { "vulnerability": "VCID-m83v-51cy-uqar" }, { "vulnerability": "VCID-mhvf-2keh-2qar" }, { "vulnerability": "VCID-mjb6-7au8-5fdx" }, { "vulnerability": "VCID-msac-ptqf-pyg1" }, { "vulnerability": "VCID-mtr5-suag-2bdj" }, { "vulnerability": "VCID-ns8t-vtcn-aqh4" }, { "vulnerability": "VCID-p222-28c1-vfhy" }, { "vulnerability": "VCID-qfw5-3tdu-x7g4" }, { "vulnerability": "VCID-qgpx-hgzu-5qgp" }, { "vulnerability": "VCID-qj4x-u7gx-9uf1" }, { "vulnerability": "VCID-qp7s-amch-v3cd" }, { "vulnerability": "VCID-qzqd-271b-ybfj" }, { "vulnerability": "VCID-r4bw-w4t9-23ek" }, { "vulnerability": "VCID-r7nh-arcj-8fb3" }, { "vulnerability": "VCID-rbjk-3gcs-2qb5" }, { "vulnerability": "VCID-rduw-apr6-4fdu" }, { "vulnerability": "VCID-re84-qg3k-3ub3" }, { "vulnerability": "VCID-rf6p-ct86-5bgz" }, { "vulnerability": "VCID-ruru-fwmn-5kes" }, { "vulnerability": "VCID-rxac-w9pd-aqe1" }, { "vulnerability": "VCID-s4bp-kzfu-8qfy" }, { "vulnerability": "VCID-s5e2-d6n8-kkbr" }, { "vulnerability": "VCID-scg7-ugdn-53b9" }, { "vulnerability": "VCID-shfz-pxan-v3ar" }, { "vulnerability": "VCID-te3b-exz5-zke1" }, { "vulnerability": "VCID-tvz9-8s4d-gbg6" }, { "vulnerability": "VCID-txb3-ez5r-r7ek" }, { "vulnerability": "VCID-ugyc-gehq-rudu" }, { "vulnerability": "VCID-upcj-z3c1-ubcf" }, { "vulnerability": "VCID-vu36-a1g1-nugt" }, { "vulnerability": "VCID-vx13-4b1d-wbgp" }, { "vulnerability": "VCID-w3zd-fezc-nuhd" }, { "vulnerability": "VCID-wjfe-wh5k-1qft" }, { "vulnerability": "VCID-ws6y-k3tx-r3gb" }, { "vulnerability": "VCID-wvyx-2bbb-9yf7" }, { "vulnerability": "VCID-x46d-a16g-nkg9" }, { "vulnerability": "VCID-xfvu-2zg4-ruf6" }, { "vulnerability": "VCID-xk5y-7a1w-zba9" }, { "vulnerability": "VCID-xsq8-ztqh-ubb8" }, { "vulnerability": "VCID-y1v3-9tyq-uqhd" }, { "vulnerability": "VCID-y4r1-yr69-uuf6" }, { "vulnerability": "VCID-y4u6-cy8y-hyae" }, { "vulnerability": "VCID-y7x4-664r-3fbk" }, { "vulnerability": "VCID-yuvf-e7hk-kqf9" }, { "vulnerability": "VCID-z2v2-n138-6ydv" }, { "vulnerability": "VCID-zdpz-8tc2-6kah" }, { "vulnerability": "VCID-zt9b-9sjx-7qb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/64405?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2h52-3pt6-dfcw" }, { "vulnerability": "VCID-2vsw-t8k2-4bfm" }, { "vulnerability": "VCID-3et4-3zad-1qfn" }, { "vulnerability": "VCID-3zcy-b3th-ukhd" }, { "vulnerability": "VCID-525q-afzj-tkcp" }, { "vulnerability": "VCID-5gxr-xksz-5ydb" }, { "vulnerability": "VCID-6t9w-cnkz-s3c3" }, { "vulnerability": "VCID-6tx4-wexr-fkbb" }, { "vulnerability": "VCID-7ewa-w75h-qfdy" }, { "vulnerability": "VCID-7hrm-jtbx-sqgm" }, { "vulnerability": "VCID-7pr7-uqp1-sugt" }, { "vulnerability": "VCID-7s3w-8dn6-jqh7" }, { "vulnerability": "VCID-7s74-rdkp-vyaf" }, { "vulnerability": "VCID-7s7e-adr6-h3dc" }, { "vulnerability": "VCID-8hx4-r8bb-n7ge" }, { "vulnerability": "VCID-8ky6-w2nk-9bds" }, { "vulnerability": "VCID-8msu-s38a-p7e3" }, { "vulnerability": "VCID-8shb-t5zp-rqbu" }, { "vulnerability": "VCID-9cc9-npdc-8bac" }, { "vulnerability": "VCID-9vrt-uccb-myev" }, { "vulnerability": "VCID-a8gs-ervm-e3hm" }, { "vulnerability": "VCID-a9b6-tenb-afdw" }, { "vulnerability": "VCID-agtm-nkhp-dkdn" }, { "vulnerability": "VCID-ayfe-5a7g-u7b7" }, { "vulnerability": "VCID-az2w-5xhy-5fe4" }, { "vulnerability": "VCID-b3cn-pjp3-4yhm" }, { "vulnerability": "VCID-b4jg-dj1a-9qd5" }, { "vulnerability": "VCID-b9ry-u6qy-j7cc" }, { "vulnerability": "VCID-bch8-kq49-skhm" }, { "vulnerability": "VCID-bera-73sm-bbh7" }, { "vulnerability": "VCID-bkpz-ratd-e7ab" }, { "vulnerability": "VCID-bzyh-c5tm-j7dn" }, { "vulnerability": "VCID-cc8x-6es1-8kc5" }, { "vulnerability": "VCID-cgwk-hn4t-n7c1" }, { "vulnerability": "VCID-cqjn-3z6n-sff1" }, { "vulnerability": "VCID-d2ab-j8bf-e7dx" }, { "vulnerability": "VCID-d6mk-hg8h-7qbc" }, { "vulnerability": "VCID-dpgz-dacm-sqg6" }, { "vulnerability": "VCID-du16-f2wp-t3cw" }, { "vulnerability": "VCID-dur2-pfke-h7hf" }, { "vulnerability": "VCID-dx43-89w9-a7dg" }, { "vulnerability": "VCID-e7zd-dn28-4bf1" }, { "vulnerability": "VCID-e9zx-zy9y-2fcp" }, { "vulnerability": "VCID-eahe-s41f-ckc1" }, { "vulnerability": "VCID-egy6-nku7-zyap" }, { "vulnerability": "VCID-evth-swm9-k3de" }, { "vulnerability": "VCID-fz5y-um7w-63f4" }, { "vulnerability": "VCID-fzam-yuyg-qyd5" }, { "vulnerability": "VCID-fzm9-e6bg-r7aw" }, { "vulnerability": "VCID-gedj-39p5-ubd6" }, { "vulnerability": "VCID-gxj9-a1hc-47de" }, { "vulnerability": "VCID-hbau-7tvg-cygz" }, { "vulnerability": "VCID-hfbb-ax6r-tbaz" }, { "vulnerability": "VCID-hh8a-mgkk-3yb5" }, { "vulnerability": "VCID-j124-q39m-mkby" }, { "vulnerability": "VCID-j5vp-2jrx-ukf4" }, { "vulnerability": "VCID-j6ss-8f4e-e7g2" }, { "vulnerability": "VCID-jhd5-tqph-3ufu" }, { "vulnerability": "VCID-jr49-4fs3-8qcp" }, { "vulnerability": "VCID-kezx-5nw5-hfen" }, { "vulnerability": "VCID-kje4-asu6-dfg2" }, { "vulnerability": "VCID-kq4m-anrt-rugn" }, { "vulnerability": "VCID-kuzc-uv5b-v7an" }, { "vulnerability": "VCID-kxnm-y19k-mqg2" }, { "vulnerability": "VCID-m5z8-hz81-j7b7" }, { "vulnerability": "VCID-m83v-51cy-uqar" }, { "vulnerability": "VCID-mhvf-2keh-2qar" }, { "vulnerability": "VCID-mjb6-7au8-5fdx" }, { "vulnerability": "VCID-msac-ptqf-pyg1" }, { "vulnerability": "VCID-mtr5-suag-2bdj" }, { "vulnerability": "VCID-ns8t-vtcn-aqh4" }, { "vulnerability": "VCID-p222-28c1-vfhy" }, { "vulnerability": "VCID-qfw5-3tdu-x7g4" }, { "vulnerability": "VCID-qgpx-hgzu-5qgp" }, { "vulnerability": "VCID-qj4x-u7gx-9uf1" }, { "vulnerability": "VCID-qp7s-amch-v3cd" }, { "vulnerability": "VCID-qzqd-271b-ybfj" }, { "vulnerability": "VCID-r4bw-w4t9-23ek" }, { "vulnerability": "VCID-r7nh-arcj-8fb3" }, { "vulnerability": "VCID-rbjk-3gcs-2qb5" }, { "vulnerability": "VCID-rduw-apr6-4fdu" }, { "vulnerability": "VCID-re84-qg3k-3ub3" }, { "vulnerability": "VCID-rf6p-ct86-5bgz" }, { "vulnerability": "VCID-ruru-fwmn-5kes" }, { "vulnerability": "VCID-rxac-w9pd-aqe1" }, { "vulnerability": "VCID-s4bp-kzfu-8qfy" }, { "vulnerability": "VCID-s5e2-d6n8-kkbr" }, { "vulnerability": "VCID-scg7-ugdn-53b9" }, { "vulnerability": "VCID-shfz-pxan-v3ar" }, { "vulnerability": "VCID-te3b-exz5-zke1" }, { "vulnerability": "VCID-tvz9-8s4d-gbg6" }, { "vulnerability": "VCID-txb3-ez5r-r7ek" }, { "vulnerability": "VCID-ugyc-gehq-rudu" }, { "vulnerability": "VCID-upcj-z3c1-ubcf" }, { "vulnerability": "VCID-vu36-a1g1-nugt" }, { "vulnerability": "VCID-vx13-4b1d-wbgp" }, { "vulnerability": "VCID-w3zd-fezc-nuhd" }, { "vulnerability": "VCID-wjfe-wh5k-1qft" }, { "vulnerability": "VCID-ws6y-k3tx-r3gb" }, { "vulnerability": "VCID-wvyx-2bbb-9yf7" }, { "vulnerability": "VCID-x46d-a16g-nkg9" }, { "vulnerability": "VCID-xfvu-2zg4-ruf6" }, { "vulnerability": "VCID-xk5y-7a1w-zba9" }, { "vulnerability": "VCID-xsq8-ztqh-ubb8" }, { "vulnerability": "VCID-y1v3-9tyq-uqhd" }, { "vulnerability": "VCID-y4r1-yr69-uuf6" }, { "vulnerability": "VCID-y4u6-cy8y-hyae" }, { "vulnerability": "VCID-y7x4-664r-3fbk" }, { "vulnerability": "VCID-yuvf-e7hk-kqf9" }, { "vulnerability": "VCID-z2v2-n138-6ydv" }, { "vulnerability": "VCID-zdpz-8tc2-6kah" }, { "vulnerability": "VCID-zt9b-9sjx-7qb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/64406?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1jsp-392b-2fgb" }, { "vulnerability": "VCID-2h52-3pt6-dfcw" }, { "vulnerability": "VCID-2vsw-t8k2-4bfm" }, { "vulnerability": "VCID-3et4-3zad-1qfn" }, { "vulnerability": "VCID-3g5s-hryc-5qa9" }, { "vulnerability": "VCID-3zcy-b3th-ukhd" }, { "vulnerability": "VCID-4dae-vty8-b7hk" }, { "vulnerability": "VCID-525q-afzj-tkcp" }, { "vulnerability": "VCID-5gxr-xksz-5ydb" }, { "vulnerability": "VCID-6p6q-ctya-q3bv" }, { "vulnerability": "VCID-6t9w-cnkz-s3c3" }, { "vulnerability": "VCID-6tx4-wexr-fkbb" }, { "vulnerability": "VCID-7ewa-w75h-qfdy" }, { "vulnerability": "VCID-7hrm-jtbx-sqgm" }, { "vulnerability": "VCID-7pr7-uqp1-sugt" }, { "vulnerability": "VCID-7s3w-8dn6-jqh7" }, { "vulnerability": "VCID-7s74-rdkp-vyaf" }, { "vulnerability": "VCID-7s7e-adr6-h3dc" }, { "vulnerability": "VCID-8hx4-r8bb-n7ge" }, { "vulnerability": "VCID-8ky6-w2nk-9bds" }, { "vulnerability": "VCID-8msu-s38a-p7e3" }, { "vulnerability": "VCID-8shb-t5zp-rqbu" }, { "vulnerability": "VCID-9cc9-npdc-8bac" }, { "vulnerability": "VCID-9vrt-uccb-myev" }, { "vulnerability": "VCID-a8gs-ervm-e3hm" }, { "vulnerability": "VCID-a9b6-tenb-afdw" }, { "vulnerability": "VCID-agtm-nkhp-dkdn" }, { "vulnerability": "VCID-ayfe-5a7g-u7b7" }, { "vulnerability": "VCID-az2w-5xhy-5fe4" }, { "vulnerability": "VCID-b3cn-pjp3-4yhm" }, { "vulnerability": "VCID-b4jg-dj1a-9qd5" }, { "vulnerability": "VCID-b9ry-u6qy-j7cc" }, { "vulnerability": "VCID-bch8-kq49-skhm" }, { "vulnerability": "VCID-bera-73sm-bbh7" }, { "vulnerability": "VCID-bkpz-ratd-e7ab" }, { "vulnerability": "VCID-bzyh-c5tm-j7dn" }, { "vulnerability": "VCID-cc8x-6es1-8kc5" }, { "vulnerability": "VCID-ccx1-qacj-2qev" }, { "vulnerability": "VCID-cgwk-hn4t-n7c1" }, { "vulnerability": "VCID-cm2a-1yc5-v3cy" }, { "vulnerability": "VCID-cqjn-3z6n-sff1" }, { "vulnerability": "VCID-d2ab-j8bf-e7dx" }, { "vulnerability": "VCID-d6mk-hg8h-7qbc" }, { "vulnerability": "VCID-dpgz-dacm-sqg6" }, { "vulnerability": "VCID-du16-f2wp-t3cw" }, { "vulnerability": "VCID-dur2-pfke-h7hf" }, { "vulnerability": "VCID-dx43-89w9-a7dg" }, { "vulnerability": "VCID-e7zd-dn28-4bf1" }, { "vulnerability": "VCID-e9zx-zy9y-2fcp" }, { "vulnerability": "VCID-eahe-s41f-ckc1" }, { "vulnerability": "VCID-egy6-nku7-zyap" }, { "vulnerability": "VCID-evth-swm9-k3de" }, { "vulnerability": "VCID-eygc-ra9u-gyej" }, { "vulnerability": "VCID-fz5y-um7w-63f4" }, { "vulnerability": "VCID-fzam-yuyg-qyd5" }, { "vulnerability": "VCID-gedj-39p5-ubd6" }, { "vulnerability": "VCID-gxj9-a1hc-47de" }, { "vulnerability": "VCID-hbau-7tvg-cygz" }, { "vulnerability": "VCID-hfbb-ax6r-tbaz" }, { "vulnerability": "VCID-hh8a-mgkk-3yb5" }, { "vulnerability": "VCID-j124-q39m-mkby" }, { "vulnerability": "VCID-j5vp-2jrx-ukf4" }, { "vulnerability": "VCID-j6ss-8f4e-e7g2" }, { "vulnerability": "VCID-jhd5-tqph-3ufu" }, { "vulnerability": "VCID-kezx-5nw5-hfen" }, { "vulnerability": "VCID-kje4-asu6-dfg2" }, { "vulnerability": "VCID-kq4m-anrt-rugn" }, { "vulnerability": "VCID-kuzc-uv5b-v7an" }, { "vulnerability": "VCID-kxnm-y19k-mqg2" }, { "vulnerability": "VCID-m5z8-hz81-j7b7" }, { "vulnerability": "VCID-m83v-51cy-uqar" }, { "vulnerability": "VCID-md7v-w5aq-t7h1" }, { "vulnerability": "VCID-mhvf-2keh-2qar" }, { "vulnerability": "VCID-mjb6-7au8-5fdx" }, { "vulnerability": "VCID-msac-ptqf-pyg1" }, { "vulnerability": "VCID-mtr5-suag-2bdj" }, { "vulnerability": "VCID-ns8t-vtcn-aqh4" }, { "vulnerability": "VCID-p222-28c1-vfhy" }, { "vulnerability": "VCID-qfw5-3tdu-x7g4" }, { "vulnerability": "VCID-qgpx-hgzu-5qgp" }, { "vulnerability": "VCID-qj4x-u7gx-9uf1" }, { "vulnerability": "VCID-qp7s-amch-v3cd" }, { "vulnerability": "VCID-qzqd-271b-ybfj" }, { "vulnerability": "VCID-r4bw-w4t9-23ek" }, { "vulnerability": "VCID-r7nh-arcj-8fb3" }, { "vulnerability": "VCID-rbjk-3gcs-2qb5" }, { "vulnerability": "VCID-rduw-apr6-4fdu" }, { "vulnerability": "VCID-re84-qg3k-3ub3" }, { "vulnerability": "VCID-rf6p-ct86-5bgz" }, { "vulnerability": "VCID-ruru-fwmn-5kes" }, { "vulnerability": "VCID-rxac-w9pd-aqe1" }, { "vulnerability": "VCID-s4bp-kzfu-8qfy" }, { "vulnerability": "VCID-s5e2-d6n8-kkbr" }, { "vulnerability": "VCID-scg7-ugdn-53b9" }, { "vulnerability": "VCID-shfz-pxan-v3ar" }, { "vulnerability": "VCID-tc3m-4bkg-qkcf" }, { "vulnerability": "VCID-te3b-exz5-zke1" }, { "vulnerability": "VCID-tvz9-8s4d-gbg6" }, { "vulnerability": "VCID-txb3-ez5r-r7ek" }, { "vulnerability": "VCID-tzug-ckkn-dyft" }, { "vulnerability": "VCID-ugyc-gehq-rudu" }, { "vulnerability": "VCID-upcj-z3c1-ubcf" }, { "vulnerability": "VCID-vu36-a1g1-nugt" }, { "vulnerability": "VCID-vx13-4b1d-wbgp" }, { "vulnerability": "VCID-w3zd-fezc-nuhd" }, { "vulnerability": "VCID-wjfe-wh5k-1qft" }, { "vulnerability": "VCID-ws6y-k3tx-r3gb" }, { "vulnerability": "VCID-wvyx-2bbb-9yf7" }, { "vulnerability": "VCID-wzu6-rbsv-mkde" }, { "vulnerability": "VCID-x46d-a16g-nkg9" }, { "vulnerability": "VCID-xfvu-2zg4-ruf6" }, { "vulnerability": "VCID-xk5y-7a1w-zba9" }, { "vulnerability": "VCID-xsq8-ztqh-ubb8" }, { "vulnerability": "VCID-y1v3-9tyq-uqhd" }, { "vulnerability": "VCID-y4r1-yr69-uuf6" }, { "vulnerability": "VCID-y4u6-cy8y-hyae" }, { "vulnerability": "VCID-y7x4-664r-3fbk" }, { "vulnerability": "VCID-yuvf-e7hk-kqf9" }, { "vulnerability": "VCID-z2v2-n138-6ydv" }, { "vulnerability": "VCID-zdpz-8tc2-6kah" }, { "vulnerability": "VCID-zt9b-9sjx-7qb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/64410?format=api", "purl": "pkg:composer/magento/project-community-edition@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1jsp-392b-2fgb" }, { "vulnerability": "VCID-2h52-3pt6-dfcw" }, { "vulnerability": "VCID-2vsw-t8k2-4bfm" }, { "vulnerability": "VCID-2z3f-wtw6-yydf" }, { "vulnerability": "VCID-36ve-7wxt-z7fz" }, { "vulnerability": "VCID-3et4-3zad-1qfn" }, { "vulnerability": "VCID-3zcy-b3th-ukhd" }, { "vulnerability": "VCID-4dae-vty8-b7hk" }, { "vulnerability": "VCID-525q-afzj-tkcp" }, { "vulnerability": "VCID-5gxr-xksz-5ydb" }, { "vulnerability": "VCID-6p6q-ctya-q3bv" }, { "vulnerability": "VCID-6t9w-cnkz-s3c3" }, { "vulnerability": "VCID-6tx4-wexr-fkbb" }, { "vulnerability": "VCID-7hrm-jtbx-sqgm" }, { "vulnerability": "VCID-7s74-rdkp-vyaf" }, { "vulnerability": "VCID-7s7e-adr6-h3dc" }, { "vulnerability": "VCID-8hx4-r8bb-n7ge" }, { "vulnerability": "VCID-8ky6-w2nk-9bds" }, { "vulnerability": "VCID-8msu-s38a-p7e3" }, { "vulnerability": "VCID-8shb-t5zp-rqbu" }, { "vulnerability": "VCID-9cc9-npdc-8bac" }, { "vulnerability": "VCID-9vrt-uccb-myev" }, { "vulnerability": "VCID-a8gs-ervm-e3hm" }, { "vulnerability": "VCID-a9b6-tenb-afdw" }, { "vulnerability": "VCID-agtm-nkhp-dkdn" }, { "vulnerability": "VCID-az2w-5xhy-5fe4" }, { "vulnerability": "VCID-b3cn-pjp3-4yhm" }, { "vulnerability": "VCID-b4jg-dj1a-9qd5" }, { "vulnerability": "VCID-b5hn-f1qk-z7cu" }, { "vulnerability": "VCID-b9ry-u6qy-j7cc" }, { "vulnerability": "VCID-cafy-5dd8-rudj" }, { "vulnerability": "VCID-cc8x-6es1-8kc5" }, { "vulnerability": "VCID-ccx1-qacj-2qev" }, { "vulnerability": "VCID-cgwk-hn4t-n7c1" }, { "vulnerability": "VCID-cm2a-1yc5-v3cy" }, { "vulnerability": "VCID-cqjn-3z6n-sff1" }, { "vulnerability": "VCID-d2ab-j8bf-e7dx" }, { "vulnerability": "VCID-d6mk-hg8h-7qbc" }, { "vulnerability": "VCID-dj5a-35gt-u7dn" }, { "vulnerability": "VCID-dpgz-dacm-sqg6" }, { "vulnerability": "VCID-dx43-89w9-a7dg" }, { "vulnerability": "VCID-e9zx-zy9y-2fcp" }, { "vulnerability": "VCID-egy6-nku7-zyap" }, { "vulnerability": "VCID-eygc-ra9u-gyej" }, { "vulnerability": "VCID-fz5y-um7w-63f4" }, { "vulnerability": "VCID-fzam-yuyg-qyd5" }, { "vulnerability": "VCID-fzm9-e6bg-r7aw" }, { "vulnerability": "VCID-gedj-39p5-ubd6" }, { "vulnerability": "VCID-hbau-7tvg-cygz" }, { "vulnerability": "VCID-hh8a-mgkk-3yb5" }, { "vulnerability": "VCID-j124-q39m-mkby" }, { "vulnerability": "VCID-j5vp-2jrx-ukf4" }, { "vulnerability": "VCID-j6ss-8f4e-e7g2" }, { "vulnerability": "VCID-jhd5-tqph-3ufu" }, { "vulnerability": "VCID-jr49-4fs3-8qcp" }, { "vulnerability": "VCID-kezx-5nw5-hfen" }, { "vulnerability": "VCID-kxnm-y19k-mqg2" }, { "vulnerability": "VCID-m5z8-hz81-j7b7" }, { "vulnerability": "VCID-m83v-51cy-uqar" }, { "vulnerability": "VCID-md7v-w5aq-t7h1" }, { "vulnerability": "VCID-mhvf-2keh-2qar" }, { "vulnerability": "VCID-mjb6-7au8-5fdx" }, { "vulnerability": "VCID-msac-ptqf-pyg1" }, { "vulnerability": "VCID-mtr5-suag-2bdj" }, { "vulnerability": "VCID-nn21-hf8r-ykfd" }, { "vulnerability": "VCID-p222-28c1-vfhy" }, { "vulnerability": "VCID-qfw5-3tdu-x7g4" }, { "vulnerability": "VCID-qj4x-u7gx-9uf1" }, { "vulnerability": "VCID-qp7s-amch-v3cd" }, { "vulnerability": "VCID-qrwc-3gsb-zkfy" }, { "vulnerability": "VCID-qzqd-271b-ybfj" }, { "vulnerability": "VCID-r4bw-w4t9-23ek" }, { "vulnerability": "VCID-r7nh-arcj-8fb3" }, { "vulnerability": "VCID-rbjk-3gcs-2qb5" }, { "vulnerability": "VCID-re84-qg3k-3ub3" }, { "vulnerability": "VCID-rf6p-ct86-5bgz" }, { "vulnerability": "VCID-ruru-fwmn-5kes" }, { "vulnerability": "VCID-s4bp-kzfu-8qfy" }, { "vulnerability": "VCID-s5e2-d6n8-kkbr" }, { "vulnerability": "VCID-scg7-ugdn-53b9" }, { "vulnerability": "VCID-tc3m-4bkg-qkcf" }, { "vulnerability": "VCID-te3b-exz5-zke1" }, { "vulnerability": "VCID-th7y-aj51-mbaj" }, { "vulnerability": "VCID-tvz9-8s4d-gbg6" }, { "vulnerability": "VCID-tzug-ckkn-dyft" }, { "vulnerability": "VCID-upcj-z3c1-ubcf" }, { "vulnerability": "VCID-w3zd-fezc-nuhd" }, { "vulnerability": "VCID-wjfe-wh5k-1qft" }, { "vulnerability": "VCID-ws6y-k3tx-r3gb" }, { "vulnerability": "VCID-wzu6-rbsv-mkde" }, { "vulnerability": "VCID-x46d-a16g-nkg9" }, { "vulnerability": "VCID-xsq8-ztqh-ubb8" }, { "vulnerability": "VCID-y4r1-yr69-uuf6" }, { "vulnerability": "VCID-y7x4-664r-3fbk" }, { "vulnerability": "VCID-y93w-2qcc-wqg8" }, { "vulnerability": "VCID-yuvf-e7hk-kqf9" }, { "vulnerability": "VCID-yyq6-dvyx-3bb9" }, { "vulnerability": "VCID-zt9b-9sjx-7qb4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/project-community-edition@2.0.2" } ], "references": [ { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb23-17.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb23-17.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22247", "reference_id": "CVE-2023-22247", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22247" }, { "reference_url": "https://github.com/advisories/GHSA-2444-8gj8-6fmx", "reference_id": "GHSA-2444-8gj8-6fmx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2444-8gj8-6fmx" } ], "weaknesses": [ { "cwe_id": 91, "name": "XML Injection (aka Blind XPath Injection)", "description": "The product does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d2ab-j8bf-e7dx" }