{"url":"http://public2.vulnerablecode.io/api/packages/32193?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","type":"composer","namespace":"magento","name":"community-edition","version":"2.4.5-p8","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.4.6-p13","latest_non_vulnerable_version":"2.4.9-alpha3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46533?format=json","vulnerability_id":"VCID-158t-bqnb-83d4","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39406","reference_id":"","reference_type":"","scores":[{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76439","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76449","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76369","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76454","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39406","reference_id":"CVE-2024-39406","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39406"},{"reference_url":"https://github.com/advisories/GHSA-6pxh-2557-5cj5","reference_id":"GHSA-6pxh-2557-5cj5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6pxh-2557-5cj5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39406","GHSA-6pxh-2557-5cj5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-158t-bqnb-83d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46780?format=json","vulnerability_id":"VCID-2t3q-pmg5-qyhn","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39405","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46366","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46508","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46511","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46522","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39405"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:13:21Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39405","reference_id":"CVE-2024-39405","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39405"},{"reference_url":"https://github.com/advisories/GHSA-5g9f-7gqc-8hj4","reference_id":"GHSA-5g9f-7gqc-8hj4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5g9f-7gqc-8hj4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39405","GHSA-5g9f-7gqc-8hj4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2t3q-pmg5-qyhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46531?format=json","vulnerability_id":"VCID-368r-um85-k3d2","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures to view and edit low-sensitivity information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39418","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.56177","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.563","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.56297","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.56311","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39418"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39418","reference_id":"CVE-2024-39418","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39418"},{"reference_url":"https://github.com/advisories/GHSA-gvgf-pvh5-vjh4","reference_id":"GHSA-gvgf-pvh5-vjh4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gvgf-pvh5-vjh4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39418","GHSA-gvgf-pvh5-vjh4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-368r-um85-k3d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47005?format=json","vulnerability_id":"VCID-3s5p-wb18-13ge","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. A low-privileged attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39399","reference_id":"","reference_type":"","scores":[{"value":"0.00842","scoring_system":"epss","scoring_elements":"0.75184","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00842","scoring_system":"epss","scoring_elements":"0.75264","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00842","scoring_system":"epss","scoring_elements":"0.75268","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00842","scoring_system":"epss","scoring_elements":"0.75254","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39399"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T14:09:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39399","reference_id":"CVE-2024-39399","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39399"},{"reference_url":"https://github.com/advisories/GHSA-7r99-8wqp-h7pc","reference_id":"GHSA-7r99-8wqp-h7pc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7r99-8wqp-h7pc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39399","GHSA-7r99-8wqp-h7pc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3s5p-wb18-13ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46497?format=json","vulnerability_id":"VCID-3uj4-thpr-cue1","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39407","reference_id":"","reference_type":"","scores":[{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.48","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.48016","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47859","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39407"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:10:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39407","reference_id":"CVE-2024-39407","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39407"},{"reference_url":"https://github.com/advisories/GHSA-cjm6-8mw8-2f8c","reference_id":"GHSA-cjm6-8mw8-2f8c","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cjm6-8mw8-2f8c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39407","GHSA-cjm6-8mw8-2f8c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3uj4-thpr-cue1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46502?format=json","vulnerability_id":"VCID-3ydj-usv4-47fq","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39410","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67151","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67137","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67045","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39410"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39410","reference_id":"CVE-2024-39410","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39410"},{"reference_url":"https://github.com/advisories/GHSA-4323-f82v-f6jr","reference_id":"GHSA-4323-f82v-f6jr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4323-f82v-f6jr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39410","GHSA-4323-f82v-f6jr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ydj-usv4-47fq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46929?format=json","vulnerability_id":"VCID-4b5p-wqtj-7kbe","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39409","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67045","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67151","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67137","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39409"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:00Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39409","reference_id":"CVE-2024-39409","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39409"},{"reference_url":"https://github.com/advisories/GHSA-rf4q-m23c-7q8r","reference_id":"GHSA-rf4q-m23c-7q8r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rf4q-m23c-7q8r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39409","GHSA-rf4q-m23c-7q8r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4b5p-wqtj-7kbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88199?format=json","vulnerability_id":"VCID-4nqq-nrne-17a2","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54266","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18174","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18336","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18338","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1836","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54266"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:24:32Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54266","reference_id":"CVE-2025-54266","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54266"},{"reference_url":"https://github.com/advisories/GHSA-pcrx-r49h-x2w5","reference_id":"GHSA-pcrx-r49h-x2w5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pcrx-r49h-x2w5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54266","GHSA-pcrx-r49h-x2w5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4nqq-nrne-17a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46833?format=json","vulnerability_id":"VCID-6v47-xgpq-zkgf","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. Exploitation of this issue requires user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39401","reference_id":"","reference_type":"","scores":[{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86044","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86101","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86105","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86093","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39401"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:10:32Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39401","reference_id":"CVE-2024-39401","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39401"},{"reference_url":"https://github.com/advisories/GHSA-8frp-pxq2-3gpq","reference_id":"GHSA-8frp-pxq2-3gpq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8frp-pxq2-3gpq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39401","GHSA-8frp-pxq2-3gpq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6v47-xgpq-zkgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88207?format=json","vulnerability_id":"VCID-7bmk-3ab2-9ba6","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54267","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20657","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20679","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20479","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54267"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-16T03:56:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54267","reference_id":"CVE-2025-54267","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54267"},{"reference_url":"https://github.com/advisories/GHSA-qvwr-p3hj-j6jf","reference_id":"GHSA-qvwr-p3hj-j6jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qvwr-p3hj-j6jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54267","GHSA-qvwr-p3hj-j6jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7bmk-3ab2-9ba6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46839?format=json","vulnerability_id":"VCID-8365-zgh2-w3cc","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39413","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54261","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54388","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54386","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54403","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39413"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39413","reference_id":"CVE-2024-39413","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39413"},{"reference_url":"https://github.com/advisories/GHSA-8w5f-8992-g86j","reference_id":"GHSA-8w5f-8992-g86j","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8w5f-8992-g86j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39413","GHSA-8w5f-8992-g86j"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8365-zgh2-w3cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46971?format=json","vulnerability_id":"VCID-bftg-2sea-57cv","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39419","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46366","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46508","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46511","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46522","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39419"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:00Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39419","reference_id":"CVE-2024-39419","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39419"},{"reference_url":"https://github.com/advisories/GHSA-74w7-cr4v-wf2v","reference_id":"GHSA-74w7-cr4v-wf2v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-74w7-cr4v-wf2v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39419","GHSA-74w7-cr4v-wf2v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bftg-2sea-57cv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46517?format=json","vulnerability_id":"VCID-dsy7-gm7v-tqc8","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39415","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54261","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54388","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54386","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54403","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39415"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:13:06Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39415","reference_id":"CVE-2024-39415","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39415"},{"reference_url":"https://github.com/advisories/GHSA-gj93-84g5-mcjq","reference_id":"GHSA-gj93-84g5-mcjq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gj93-84g5-mcjq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39415","GHSA-gj93-84g5-mcjq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dsy7-gm7v-tqc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88335?format=json","vulnerability_id":"VCID-eusf-bc81-9uhv","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54263","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25914","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.26115","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.2613","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.26114","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54263"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54263","reference_id":"CVE-2025-54263","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54263"},{"reference_url":"https://github.com/advisories/GHSA-69x9-xp2j-w8g8","reference_id":"GHSA-69x9-xp2j-w8g8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-69x9-xp2j-w8g8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54263","GHSA-69x9-xp2j-w8g8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eusf-bc81-9uhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46736?format=json","vulnerability_id":"VCID-gxbc-u5mr-f3c9","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Confidentiality impact is high due to the attacker being able to exfiltrate sensitive information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39403","reference_id":"","reference_type":"","scores":[{"value":"0.02812","scoring_system":"epss","scoring_elements":"0.86453","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02812","scoring_system":"epss","scoring_elements":"0.86512","published_at":"2026-06-14T12:55:00Z"},{"value":"0.02812","scoring_system":"epss","scoring_elements":"0.86514","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02812","scoring_system":"epss","scoring_elements":"0.86504","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39403"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39403","reference_id":"CVE-2024-39403","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39403"},{"reference_url":"https://github.com/advisories/GHSA-mmp7-8cg4-9wrg","reference_id":"GHSA-mmp7-8cg4-9wrg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mmp7-8cg4-9wrg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39403","GHSA-mmp7-8cg4-9wrg"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxbc-u5mr-f3c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87827?format=json","vulnerability_id":"VCID-h2ju-dedu-fqad","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54265","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29491","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2969","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29706","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29688","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54265"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:35:42Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54265","reference_id":"CVE-2025-54265","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54265"},{"reference_url":"https://github.com/advisories/GHSA-r355-75hw-r8jf","reference_id":"GHSA-r355-75hw-r8jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r355-75hw-r8jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54265","GHSA-r355-75hw-r8jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2ju-dedu-fqad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46560?format=json","vulnerability_id":"VCID-j9e4-4xta-6qc5","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39414","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55433","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55556","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55553","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55568","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39414"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:42Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39414","reference_id":"CVE-2024-39414","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39414"},{"reference_url":"https://github.com/advisories/GHSA-x6f9-hv9r-fgq4","reference_id":"GHSA-x6f9-hv9r-fgq4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x6f9-hv9r-fgq4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39414","GHSA-x6f9-hv9r-fgq4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j9e4-4xta-6qc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46412?format=json","vulnerability_id":"VCID-jeur-3jww-dqee","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and perform a minor integrity change. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39412","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50751","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50755","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50617","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50768","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39412"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:56Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39412","reference_id":"CVE-2024-39412","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39412"},{"reference_url":"https://github.com/advisories/GHSA-7472-vw39-g2j3","reference_id":"GHSA-7472-vw39-g2j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7472-vw39-g2j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39412","GHSA-7472-vw39-g2j3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jeur-3jww-dqee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46759?format=json","vulnerability_id":"VCID-jyhf-huep-tya2","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to perform brute force attacks and potentially gain unauthorized access to accounts. Exploitation of this issue does not require user interaction, but attack complexity is high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39398","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47077","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47214","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47232","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.47218","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39398"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:10:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39398","reference_id":"CVE-2024-39398","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39398"},{"reference_url":"https://github.com/advisories/GHSA-q628-54wg-4r5q","reference_id":"GHSA-q628-54wg-4r5q","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q628-54wg-4r5q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39398","GHSA-q628-54wg-4r5q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jyhf-huep-tya2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87743?format=json","vulnerability_id":"VCID-pcm6-819d-6uhm","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54264","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44038","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44198","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44191","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.4421","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54264"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54264","reference_id":"CVE-2025-54264","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54264"},{"reference_url":"https://github.com/advisories/GHSA-2768-5wmv-cfff","reference_id":"GHSA-2768-5wmv-cfff","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2768-5wmv-cfff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54264","GHSA-2768-5wmv-cfff"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pcm6-819d-6uhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46597?format=json","vulnerability_id":"VCID-qbx1-jqke-v7hf","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an admin attacker. Exploitation of this issue requires user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39402","reference_id":"","reference_type":"","scores":[{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86093","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86101","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86044","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0264","scoring_system":"epss","scoring_elements":"0.86105","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39402"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:09Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39402","reference_id":"CVE-2024-39402","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39402"},{"reference_url":"https://github.com/advisories/GHSA-2ff6-837j-hg5x","reference_id":"GHSA-2ff6-837j-hg5x","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2ff6-837j-hg5x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39402","GHSA-2ff6-837j-hg5x"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbx1-jqke-v7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46855?format=json","vulnerability_id":"VCID-qnpc-4r4b-3uhx","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39417","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54261","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54388","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54386","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54403","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39417"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:31Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39417","reference_id":"CVE-2024-39417","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39417"},{"reference_url":"https://github.com/advisories/GHSA-4xmj-f664-hv98","reference_id":"GHSA-4xmj-f664-hv98","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4xmj-f664-hv98"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39417","GHSA-4xmj-f664-hv98"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qnpc-4r4b-3uhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46443?format=json","vulnerability_id":"VCID-s7t9-h2jx-9bgr","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39416","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55433","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55556","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55553","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55568","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39416"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:27Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39416","reference_id":"CVE-2024-39416","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39416"},{"reference_url":"https://github.com/advisories/GHSA-4xgg-rw35-7mv5","reference_id":"GHSA-4xgg-rw35-7mv5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4xgg-rw35-7mv5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39416","GHSA-4xgg-rw35-7mv5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7t9-h2jx-9bgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46640?format=json","vulnerability_id":"VCID-u52p-wrjp-quhk","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changeson behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39408","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67045","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67151","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67137","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39408","reference_id":"CVE-2024-39408","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39408"},{"reference_url":"https://github.com/advisories/GHSA-4cj6-f32v-6hgx","reference_id":"GHSA-4cj6-f32v-6hgx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4cj6-f32v-6hgx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39408","GHSA-4cj6-f32v-6hgx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u52p-wrjp-quhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46849?format=json","vulnerability_id":"VCID-vwpg-z9en-6yej","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an admin attacker to inject and execute arbitrary JavaScript code within the context of the user's browser session. Exploitation of this issue requires user interaction, such as convincing a victim to click on a malicious link. Confidentiality and integrity impact is high as it affects other admin accounts.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39400","reference_id":"","reference_type":"","scores":[{"value":"0.01472","scoring_system":"epss","scoring_elements":"0.81419","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01472","scoring_system":"epss","scoring_elements":"0.81428","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01472","scoring_system":"epss","scoring_elements":"0.81358","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39400"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39400","reference_id":"CVE-2024-39400","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39400"},{"reference_url":"https://github.com/advisories/GHSA-52fg-wjxm-pp44","reference_id":"GHSA-52fg-wjxm-pp44","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-52fg-wjxm-pp44"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39400","GHSA-52fg-wjxm-pp44"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vwpg-z9en-6yej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46579?format=json","vulnerability_id":"VCID-wfdz-b6c4-quhq","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39411","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54261","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54388","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54386","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54403","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39411"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39411","reference_id":"CVE-2024-39411","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39411"},{"reference_url":"https://github.com/advisories/GHSA-qm77-mqf3-fmhq","reference_id":"GHSA-qm77-mqf3-fmhq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qm77-mqf3-fmhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39411","GHSA-qm77-mqf3-fmhq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wfdz-b6c4-quhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46765?format=json","vulnerability_id":"VCID-xmby-7b1y-v3cn","summary":"Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39404","reference_id":"","reference_type":"","scores":[{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.48","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.48016","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47859","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39404"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"apsb24-61.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:52Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39404","reference_id":"CVE-2024-39404","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39404"},{"reference_url":"https://github.com/advisories/GHSA-qrh3-vxjg-h9h6","reference_id":"GHSA-qrh3-vxjg-h9h6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qrh3-vxjg-h9h6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32998?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/33000?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/33001?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39404","GHSA-qrh3-vxjg-h9h6"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xmby-7b1y-v3cn"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49294?format=json","vulnerability_id":"VCID-549e-3kmc-cyfw","summary":"Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34104","reference_id":"","reference_type":"","scores":[{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.7054","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70537","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70435","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70526","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34104"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"apsb24-40.html","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:48:20Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34104","reference_id":"CVE-2024-34104","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34104"},{"reference_url":"https://github.com/advisories/GHSA-wwj3-573j-rvvm","reference_id":"GHSA-wwj3-573j-rvvm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wwj3-573j-rvvm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32194?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/32193?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-xmby-7b1y-v3cn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/32195?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34104","GHSA-wwj3-573j-rvvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-549e-3kmc-cyfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49909?format=json","vulnerability_id":"VCID-eban-ja9z-f7ep","summary":"Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to gain unauthorized access or perform actions with the privileges of another user. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34106","reference_id":"","reference_type":"","scores":[{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71516","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71514","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71417","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71504","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34106"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"apsb24-40.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:21:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34106","reference_id":"CVE-2024-34106","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34106"},{"reference_url":"https://github.com/advisories/GHSA-p6h9-gx5g-wg64","reference_id":"GHSA-p6h9-gx5g-wg64","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p6h9-gx5g-wg64"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32194?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/32193?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-xmby-7b1y-v3cn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/32195?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34106","GHSA-p6h9-gx5g-wg64"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eban-ja9z-f7ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49820?format=json","vulnerability_id":"VCID-frhp-vgpt-g7am","summary":"Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the application. Exploitation of this issue does not require user interaction, but attack complexity is high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34103","reference_id":"","reference_type":"","scores":[{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.83355","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.8336","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.83294","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.83363","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34103"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"apsb24-40.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34103","reference_id":"CVE-2024-34103","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34103"},{"reference_url":"https://github.com/advisories/GHSA-f7q4-9gwv-6774","reference_id":"GHSA-f7q4-9gwv-6774","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f7q4-9gwv-6774"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32194?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/32193?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-xmby-7b1y-v3cn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/32195?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34103","GHSA-f7q4-9gwv-6774"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frhp-vgpt-g7am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49778?format=json","vulnerability_id":"VCID-kf6b-mshs-23fa","summary":"Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and view minor unauthorised information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34107","reference_id":"","reference_type":"","scores":[{"value":"0.00729","scoring_system":"epss","scoring_elements":"0.7321","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00729","scoring_system":"epss","scoring_elements":"0.73208","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00729","scoring_system":"epss","scoring_elements":"0.73117","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00729","scoring_system":"epss","scoring_elements":"0.73195","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34107"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"apsb24-40.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:30:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34107","reference_id":"CVE-2024-34107","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34107"},{"reference_url":"https://github.com/advisories/GHSA-r7cm-g469-wm4g","reference_id":"GHSA-r7cm-g469-wm4g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r7cm-g469-wm4g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32194?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/32193?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-xmby-7b1y-v3cn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/32195?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34107","GHSA-r7cm-g469-wm4g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kf6b-mshs-23fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49335?format=json","vulnerability_id":"VCID-xgk2-yecx-q3ff","summary":"Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34102","reference_id":"","reference_type":"","scores":[{"value":"0.94171","scoring_system":"epss","scoring_elements":"0.99921","published_at":"2026-06-14T12:55:00Z"},{"value":"0.94171","scoring_system":"epss","scoring_elements":"0.9992","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34102"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"apsb24-40.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102","reference_id":"cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/"}],"url":"https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34102","reference_id":"CVE-2024-34102","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34102"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml","reference_id":"CVE-2024-34102.YAML","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml"},{"reference_url":"https://github.com/advisories/GHSA-m8cj-3v68-3cxj","reference_id":"GHSA-m8cj-3v68-3cxj","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m8cj-3v68-3cxj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32194?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/32193?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-xmby-7b1y-v3cn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/32195?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34102","GHSA-m8cj-3v68-3cxj"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xgk2-yecx-q3ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49810?format=json","vulnerability_id":"VCID-zthr-mpwx-1fef","summary":"Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction..","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34111","reference_id":"","reference_type":"","scores":[{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73857","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73855","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73767","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73841","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34111"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"apsb24-40.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T21:18:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34111","reference_id":"CVE-2024-34111","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34111"},{"reference_url":"https://github.com/advisories/GHSA-jmqp-r3gg-6jh3","reference_id":"GHSA-jmqp-r3gg-6jh3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jmqp-r3gg-6jh3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32194?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/32193?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-xmby-7b1y-v3cn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/32195?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34111","GHSA-jmqp-r3gg-6jh3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zthr-mpwx-1fef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49344?format=json","vulnerability_id":"VCID-zv6m-4py8-3ydq","summary":"Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34105","reference_id":"","reference_type":"","scores":[{"value":"0.01961","scoring_system":"epss","scoring_elements":"0.83955","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01961","scoring_system":"epss","scoring_elements":"0.83951","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01961","scoring_system":"epss","scoring_elements":"0.8389","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01961","scoring_system":"epss","scoring_elements":"0.83947","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34105"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"apsb24-40.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:04:12Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34105","reference_id":"CVE-2024-34105","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34105"},{"reference_url":"https://github.com/advisories/GHSA-5632-wq7m-gfq9","reference_id":"GHSA-5632-wq7m-gfq9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5632-wq7m-gfq9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32194?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/32193?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-xmby-7b1y-v3cn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/32195?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34105","GHSA-5632-wq7m-gfq9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zv6m-4py8-3ydq"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"}