Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/33792?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "type": "composer", "namespace": "magento", "name": "community-edition", "version": "2.4.4-p11", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.4.6-p13", "latest_non_vulnerable_version": "2.4.9-alpha3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124324?format=api", "vulnerability_id": "VCID-1vq9-br2m-dbby", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04462", "scoring_system": "epss", "scoring_elements": "0.89368", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04462", "scoring_system": "epss", "scoring_elements": "0.89331", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24438" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24438", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24438" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:43Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-8884-7rm9-mrx4", "reference_id": "GHSA-8884-7rm9-mrx4", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-8884-7rm9-mrx4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24438", "GHSA-8884-7rm9-mrx4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vq9-br2m-dbby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124201?format=api", "vulnerability_id": "VCID-313z-h2v4-c3fr", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35373", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3555", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24436" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24436", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24436" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:53Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-ghpr-6qhr-rpp8", "reference_id": "GHSA-ghpr-6qhr-rpp8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-ghpr-6qhr-rpp8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24436", "GHSA-ghpr-6qhr-rpp8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-313z-h2v4-c3fr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124669?format=api", "vulnerability_id": "VCID-3a8p-9krx-23e8", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access affecting Confidentiality and Integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24411", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.28891", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29093", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24411" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24411", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24411" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:40Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-36hw-x3cc-m258", "reference_id": "GHSA-36hw-x3cc-m258", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-36hw-x3cc-m258" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24411", "GHSA-36hw-x3cc-m258" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3a8p-9krx-23e8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88199?format=api", "vulnerability_id": "VCID-4nqq-nrne-17a2", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18174", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18338", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54266" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:24:32Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54266", "reference_id": "CVE-2025-54266", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54266" }, { "reference_url": "https://github.com/advisories/GHSA-pcrx-r49h-x2w5", "reference_id": "GHSA-pcrx-r49h-x2w5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pcrx-r49h-x2w5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54266", "GHSA-pcrx-r49h-x2w5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4nqq-nrne-17a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97922?format=api", "vulnerability_id": "VCID-53sd-5nuj-e7d9", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49557", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.49258", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.4912", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49557" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49557", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49557" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:12Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-8mq8-c243-2335", "reference_id": "GHSA-8mq8-c243-2335", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-8mq8-c243-2335" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377756?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p15", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p15" }, { "url": "http://public2.vulnerablecode.io/api/packages/27375?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9kv7-4rer-m3fs" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-drw7-nqdq-sfgj" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-qcwq-814h-63c2" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vgck-qufa-y7g8" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-49557", "GHSA-8mq8-c243-2335" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-53sd-5nuj-e7d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124340?format=api", "vulnerability_id": "VCID-5edy-fp8q-97fp", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24417" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24417", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24417" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-g3j6-9753-8mp2", "reference_id": "GHSA-g3j6-9753-8mp2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-g3j6-9753-8mp2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24417", "GHSA-g3j6-9753-8mp2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5edy-fp8q-97fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87661?format=api", "vulnerability_id": "VCID-6d1u-exkw-hbfu", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54236", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.72152", "scoring_system": "epss", "scoring_elements": "0.98777", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.72152", "scoring_system": "epss", "scoring_elements": "0.98772", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54236" }, { "reference_url": "https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54236", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54236" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-88.html", "reference_id": "apsb25-88.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-10-24T14:08:30Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-88.html" }, { "reference_url": "https://github.com/advisories/GHSA-wh92-6q6g-px7j", "reference_id": "GHSA-wh92-6q6g-px7j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wh92-6q6g-px7j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380834?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-2tge-6ken-kqge" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-6gtw-hr2w-5fcd" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7hqr-a671-wfhq" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-8r3a-tuwb-k3f5" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-afft-etfr-n3ep" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-df8h-8pgg-efg2" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ezee-pmc6-tuc2" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ff1h-49j6-fygj" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kbkg-d58m-h7bf" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-mb5s-j22m-3qdx" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qgse-3kg2-7ke7" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-swsg-c57z-1fe5" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u7wj-vk3w-sbb8" }, { "vulnerability": "VCID-v4kk-tszr-puge" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xrwz-zqgd-7yc5" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/380578?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-158t-bqnb-83d4" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1bw2-wubb-hqdf" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-3ydj-usv4-47fq" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4b5p-wqtj-7kbe" }, { "vulnerability": "VCID-549e-3kmc-cyfw" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-eban-ja9z-f7ep" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-frhp-vgpt-g7am" }, { "vulnerability": "VCID-fz2x-ms14-pkfs" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jeur-3jww-dqee" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kf6b-mshs-23fa" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-pzjb-n7ah-ffcg" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-u52p-wrjp-quhk" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgk2-yecx-q3ff" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zthr-mpwx-1fef" }, { "vulnerability": "VCID-zv6m-4py8-3ydq" }, { "vulnerability": "VCID-zwem-swqk-1kaz" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p2" } ], "aliases": [ "CVE-2025-54236", "GHSA-wh92-6q6g-px7j" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6d1u-exkw-hbfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88207?format=api", "vulnerability_id": "VCID-7bmk-3ab2-9ba6", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20479", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20657", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54267" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-16T03:56:04Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54267", "reference_id": "CVE-2025-54267", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54267" }, { "reference_url": "https://github.com/advisories/GHSA-qvwr-p3hj-j6jf", "reference_id": "GHSA-qvwr-p3hj-j6jf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qvwr-p3hj-j6jf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54267", "GHSA-qvwr-p3hj-j6jf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7bmk-3ab2-9ba6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98404?format=api", "vulnerability_id": "VCID-9gb1-p5qf-3kd2", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability by manipulating the timing between the check of a resource's state and its use, allowing unauthorized write access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01616", "scoring_system": "epss", "scoring_elements": "0.82277", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01616", "scoring_system": "epss", "scoring_elements": "0.82215", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49558" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49558", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49558" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:13Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-wcmw-8xpp-rwfj", "reference_id": "GHSA-wcmw-8xpp-rwfj", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-wcmw-8xpp-rwfj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49558", "GHSA-wcmw-8xpp-rwfj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gb1-p5qf-3kd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124633?format=api", "vulnerability_id": "VCID-9gbf-swtt-7bhz", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24424", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45317", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45466", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24424" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24424", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24424" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:44Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-539v-w87w-w62c", "reference_id": "GHSA-539v-w87w-w62c", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-539v-w87w-w62c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24424", "GHSA-539v-w87w-w62c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9gbf-swtt-7bhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/117174?format=api", "vulnerability_id": "VCID-bvfd-gs5b-dyg7", "summary": "Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27190", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50382", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50515", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27190" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27190", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27190" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html", "reference_id": "apsb25-26.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:02Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html" }, { "reference_url": "https://github.com/advisories/GHSA-6wq7-cg9h-mj6q", "reference_id": "GHSA-6wq7-cg9h-mj6q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6wq7-cg9h-mj6q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376305?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/376304?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376303?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/376302?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-27190", "GHSA-6wq7-cg9h-mj6q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvfd-gs5b-dyg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124816?format=api", "vulnerability_id": "VCID-ctrj-y3d6-a7dv", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44103", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44257", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24434" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24434", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24434" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:37Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-fppq-f2m6-xv5c", "reference_id": "GHSA-fppq-f2m6-xv5c", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fppq-f2m6-xv5c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24434", "GHSA-fppq-f2m6-xv5c" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ctrj-y3d6-a7dv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124822?format=api", "vulnerability_id": "VCID-cyy2-3rr3-jkc8", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to read select data. Exploitation of this issue does not require user interaction", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3555", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35373", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24421" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24421", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24421" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:01Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-v6r2-425c-hfrr", "reference_id": "GHSA-v6r2-425c-hfrr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-v6r2-425c-hfrr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24421", "GHSA-v6r2-425c-hfrr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cyy2-3rr3-jkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124768?format=api", "vulnerability_id": "VCID-d9zc-rh9p-4bde", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass allowing read only access. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39695", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39865", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24429" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24429", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24429" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-656q-fx2w-8ccv", "reference_id": "GHSA-656q-fx2w-8ccv", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-656q-fx2w-8ccv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24429", "GHSA-656q-fx2w-8ccv" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d9zc-rh9p-4bde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124253?format=api", "vulnerability_id": "VCID-dytj-h56v-bke9", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to modify limited fields. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40491", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40659", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24435" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24435", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24435" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:16Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-82p4-55gj-956p", "reference_id": "GHSA-82p4-55gj-956p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-82p4-55gj-956p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24435", "GHSA-82p4-55gj-956p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dytj-h56v-bke9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124732?format=api", "vulnerability_id": "VCID-esjc-zzqy-nycf", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00377", "scoring_system": "epss", "scoring_elements": "0.5972", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00377", "scoring_system": "epss", "scoring_elements": "0.59828", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24408" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24408", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24408" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:13Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-3cfg-w257-cgf8", "reference_id": "GHSA-3cfg-w257-cgf8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3cfg-w257-cgf8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24408", "GHSA-3cfg-w257-cgf8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-esjc-zzqy-nycf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88335?format=api", "vulnerability_id": "VCID-eusf-bc81-9uhv", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26114", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25914", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54263" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54263", "reference_id": "CVE-2025-54263", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54263" }, { "reference_url": "https://github.com/advisories/GHSA-69x9-xp2j-w8g8", "reference_id": "GHSA-69x9-xp2j-w8g8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-69x9-xp2j-w8g8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54263", "GHSA-69x9-xp2j-w8g8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eusf-bc81-9uhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124891?format=api", "vulnerability_id": "VCID-ferd-u8gt-akds", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46829", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46685", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24406" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24406", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24406" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:36Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-954p-ff72-327w", "reference_id": "GHSA-954p-ff72-327w", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-954p-ff72-327w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24406", "GHSA-954p-ff72-327w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ferd-u8gt-akds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97905?format=api", "vulnerability_id": "VCID-fqkf-67fw-cyb8", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.85068", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02291", "scoring_system": "epss", "scoring_elements": "0.85121", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49559" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49559", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49559" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:14Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-h4f4-gv6h-x824", "reference_id": "GHSA-h4f4-gv6h-x824", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-h4f4-gv6h-x824" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49559", "GHSA-h4f4-gv6h-x824" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqkf-67fw-cyb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124047?format=api", "vulnerability_id": "VCID-gac9-1nnp-67cc", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing rate limiting mechanisms. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24432", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27887", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27686", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24432" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24432", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24432" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:09:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-7jmr-43qj-pw47", "reference_id": "GHSA-7jmr-43qj-pw47", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7jmr-43qj-pw47" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24432", "GHSA-7jmr-43qj-pw47" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gac9-1nnp-67cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98222?format=api", "vulnerability_id": "VCID-gakd-m2af-z7c2", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.65051", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64951", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49550" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49550", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49550" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:07:51Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-8hcx-xvww-6c6h", "reference_id": "GHSA-8hcx-xvww-6c6h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-8hcx-xvww-6c6h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-49550", "GHSA-8hcx-xvww-6c6h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gakd-m2af-z7c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98053?format=api", "vulnerability_id": "VCID-gx3s-7cxk-pyfc", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction, and scope is unchanged.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.77994", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.77927", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49556" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49556", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49556" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:25Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-7hrj-3c9x-xv5h", "reference_id": "GHSA-7hrj-3c9x-xv5h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7hrj-3c9x-xv5h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49556", "GHSA-7hrj-3c9x-xv5h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gx3s-7cxk-pyfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124171?format=api", "vulnerability_id": "VCID-gzga-qjaf-kugh", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77716", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77648", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24428" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24428", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24428" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-mm87-rrqx-94cr", "reference_id": "GHSA-mm87-rrqx-94cr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-mm87-rrqx-94cr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24428", "GHSA-mm87-rrqx-94cr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gzga-qjaf-kugh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87827?format=api", "vulnerability_id": "VCID-h2ju-dedu-fqad", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54265", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29688", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29491", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54265" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:35:42Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54265", "reference_id": "CVE-2025-54265", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54265" }, { "reference_url": "https://github.com/advisories/GHSA-r355-75hw-r8jf", "reference_id": "GHSA-r355-75hw-r8jf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r355-75hw-r8jf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54265", "GHSA-r355-75hw-r8jf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h2ju-dedu-fqad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/117136?format=api", "vulnerability_id": "VCID-jc6r-vmnc-r3g9", "summary": "Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36317", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36497", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27188" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27188", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27188" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html", "reference_id": "apsb25-26.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:30Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html" }, { "reference_url": "https://github.com/advisories/GHSA-rr2g-rrjj-xw86", "reference_id": "GHSA-rr2g-rrjj-xw86", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rr2g-rrjj-xw86" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376305?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/376304?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376303?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/30241?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-141w-faqu-w3ay" }, { "vulnerability": "VCID-16es-u6cy-u3g8" }, { "vulnerability": "VCID-1mpb-gzr2-53ar" }, { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-2t3q-pmg5-qyhn" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-368r-um85-k3d2" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-3s5p-wb18-13ge" }, { "vulnerability": "VCID-3uj4-thpr-cue1" }, { "vulnerability": "VCID-466x-mpt9-gbgy" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-6v47-xgpq-zkgf" }, { "vulnerability": "VCID-78hy-q8kh-kyh7" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-7j68-gund-4qhp" }, { "vulnerability": "VCID-8365-zgh2-w3cc" }, { "vulnerability": "VCID-8gwb-c3ck-37f8" }, { "vulnerability": "VCID-8hfe-bt2u-37f9" }, { "vulnerability": "VCID-96hr-sbyj-27dw" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-a6gj-zm14-aqhq" }, { "vulnerability": "VCID-ax9q-y1rb-33b2" }, { "vulnerability": "VCID-bfp1-cndf-d7d7" }, { "vulnerability": "VCID-bftg-2sea-57cv" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dktm-v3jw-f7de" }, { "vulnerability": "VCID-dsy7-gm7v-tqc8" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-e2t8-b5yy-zkhn" }, { "vulnerability": "VCID-e9g4-n5c8-6yf9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fb5x-afrq-87aj" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-ggtj-fbzy-87fx" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gxbc-u5mr-f3c9" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-j9e4-4xta-6qc5" }, { "vulnerability": "VCID-jkrp-j7st-27f3" }, { "vulnerability": "VCID-jnuu-9mt7-jyd5" }, { "vulnerability": "VCID-jyhf-huep-tya2" }, { "vulnerability": "VCID-kfct-k5af-n7fu" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-mccb-abc5-9yfs" }, { "vulnerability": "VCID-ngx2-ewzf-xbd4" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pb4n-m8cv-9bb7" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q12a-kwpk-yufv" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qbx1-jqke-v7hf" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-qnpc-4r4b-3uhx" }, { "vulnerability": "VCID-qr8w-qwb5-6uag" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-rw4d-b9yt-mbhz" }, { "vulnerability": "VCID-s45p-jru3-w3df" }, { "vulnerability": "VCID-s7t9-h2jx-9bgr" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twda-bvut-9bhp" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-vgz6-nvj3-xqft" }, { "vulnerability": "VCID-vwpg-z9en-6yej" }, { "vulnerability": "VCID-wfdz-b6c4-quhq" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xmby-7b1y-v3cn" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" }, { "vulnerability": "VCID-zssu-1dmn-sycb" }, { "vulnerability": "VCID-zym7-1cr7-mkaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/376302?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/34325?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8" } ], "aliases": [ "CVE-2025-27188", "GHSA-rr2g-rrjj-xw86" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jc6r-vmnc-r3g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124493?format=api", "vulnerability_id": "VCID-kjc9-vrhf-hfav", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40491", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40659", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24427" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24427", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24427" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:04Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-v3hq-g424-5mgg", "reference_id": "GHSA-v3hq-g424-5mgg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-v3hq-g424-5mgg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24427", "GHSA-v3hq-g424-5mgg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjc9-vrhf-hfav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97819?format=api", "vulnerability_id": "VCID-ktnj-j4xu-uufs", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege escalation. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated, potentially allowing unauthorized access or modification of sensitive data. Exploitation of this issue requires user interaction in that a victim must visit a malicious website or click on a crafted link. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49555", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59261", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59149", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49555" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49555", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49555" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:10Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-5777-jj7p-mpqw", "reference_id": "GHSA-5777-jj7p-mpqw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-5777-jj7p-mpqw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49555", "GHSA-5777-jj7p-mpqw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ktnj-j4xu-uufs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/116898?format=api", "vulnerability_id": "VCID-kxjv-xm7r-hkhs", "summary": "Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27191", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50382", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50515", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27191" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27191", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27191" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html", "reference_id": "apsb25-26.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:08Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html" }, { "reference_url": "https://github.com/advisories/GHSA-vhcq-4xrm-2cr2", "reference_id": "GHSA-vhcq-4xrm-2cr2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vhcq-4xrm-2cr2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376305?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/376304?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376303?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/376302?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-27191", "GHSA-vhcq-4xrm-2cr2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kxjv-xm7r-hkhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124632?format=api", "vulnerability_id": "VCID-ntst-nee5-63d3", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24410", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01784", "scoring_system": "epss", "scoring_elements": "0.83137", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01784", "scoring_system": "epss", "scoring_elements": "0.83198", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24410" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24410", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24410" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:38Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-gjxp-46rq-wg4q", "reference_id": "GHSA-gjxp-46rq-wg4q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gjxp-46rq-wg4q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24410", "GHSA-gjxp-46rq-wg4q" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntst-nee5-63d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87743?format=api", "vulnerability_id": "VCID-pcm6-819d-6uhm", "summary": "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.44191", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.44038", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-54264" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html", "reference_id": "apsb25-94.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:28Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-94.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54264", "reference_id": "CVE-2025-54264", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54264" }, { "reference_url": "https://github.com/advisories/GHSA-2768-5wmv-cfff", "reference_id": "GHSA-2768-5wmv-cfff", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2768-5wmv-cfff" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34326?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/34329?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/34331?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34328?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3" } ], "aliases": [ "CVE-2025-54264", "GHSA-2768-5wmv-cfff" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pcm6-819d-6uhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124042?format=api", "vulnerability_id": "VCID-pfvk-8q6r-e7c5", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain elevated privileges. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35704", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35884", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24437" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24437", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24437" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:35Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-469f-wf4f-3jjv", "reference_id": "GHSA-469f-wf4f-3jjv", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-469f-wf4f-3jjv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24437", "GHSA-469f-wf4f-3jjv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pfvk-8q6r-e7c5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124216?format=api", "vulnerability_id": "VCID-psnm-zaza-tuf9", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24414" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24414", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24414" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:45Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-fhw6-3mj5-w9gv", "reference_id": "GHSA-fhw6-3mj5-w9gv", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fhw6-3mj5-w9gv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24414", "GHSA-fhw6-3mj5-w9gv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psnm-zaza-tuf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124011?format=api", "vulnerability_id": "VCID-pu8a-r3v2-g7h9", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24416", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24416" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24416", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24416" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:48Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-rjjw-g6hw-7pc9", "reference_id": "GHSA-rjjw-g6hw-7pc9", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rjjw-g6hw-7pc9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24416", "GHSA-rjjw-g6hw-7pc9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pu8a-r3v2-g7h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/116851?format=api", "vulnerability_id": "VCID-q68u-w433-tqb9", "summary": "Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass. A high privileged attacker could exploit this vulnerability to gain unauthorized access to protected resources by obtaining sensitive credential information. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28266", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28067", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27192" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27192", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27192" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html", "reference_id": "apsb25-26.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:23Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-26.html" }, { "reference_url": "https://github.com/advisories/GHSA-2r94-wm5v-4prx", "reference_id": "GHSA-2r94-wm5v-4prx", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2r94-wm5v-4prx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376305?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/376304?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376303?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/376302?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-27192", "GHSA-2r94-wm5v-4prx" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q68u-w433-tqb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124648?format=api", "vulnerability_id": "VCID-qh9p-8b9r-mufh", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24412" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24412", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24412" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:41Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-m4rg-mpp2-97px", "reference_id": "GHSA-m4rg-mpp2-97px", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-m4rg-mpp2-97px" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24412", "GHSA-m4rg-mpp2-97px" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qh9p-8b9r-mufh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124166?format=api", "vulnerability_id": "VCID-rm7u-jwat-v7f1", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both a High impact to confidentiality and Low impact to integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34804", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34983", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24409" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24409", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24409" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:11:11Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-vw47-79jv-3598", "reference_id": "GHSA-vw47-79jv-3598", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-vw47-79jv-3598" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24409", "GHSA-vw47-79jv-3598" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rm7u-jwat-v7f1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124016?format=api", "vulnerability_id": "VCID-t4gd-uv9g-ukh5", "summary": "Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48044", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.48182", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24425" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24425", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24425" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:39Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-6ff8-jrfg-43hh", "reference_id": "GHSA-6ff8-jrfg-43hh", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6ff8-jrfg-43hh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24425", "GHSA-6ff8-jrfg-43hh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4gd-uv9g-ukh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97813?format=api", "vulnerability_id": "VCID-twdq-g82m-nqcp", "summary": "Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49554", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77538", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01005", "scoring_system": "epss", "scoring_elements": "0.77469", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49554" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49554", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49554" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html", "reference_id": "apsb25-71.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:27Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-71.html" }, { "reference_url": "https://github.com/advisories/GHSA-xgfm-992v-h2hr", "reference_id": "GHSA-xgfm-992v-h2hr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-xgfm-992v-h2hr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377522?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14" }, { "url": "http://public2.vulnerablecode.io/api/packages/377521?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377520?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/377519?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2" }, { "url": "http://public2.vulnerablecode.io/api/packages/377518?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-pcm6-819d-6uhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2" } ], "aliases": [ "CVE-2025-49554", "GHSA-xgfm-992v-h2hr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twdq-g82m-nqcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124757?format=api", "vulnerability_id": "VCID-u9vz-axk1-fqfn", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24415" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24415", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24415" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:47Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-gc27-rvvm-q77r", "reference_id": "GHSA-gc27-rvvm-q77r", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gc27-rvvm-q77r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24415", "GHSA-gc27-rvvm-q77r" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9vz-axk1-fqfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124857?format=api", "vulnerability_id": "VCID-wxkj-7zgv-x7bc", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing rate limiting mechanisms. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24430", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27887", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27686", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24430" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24430", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24430" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:47Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-6w27-c66f-gvhq", "reference_id": "GHSA-6w27-c66f-gvhq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6w27-c66f-gvhq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24430", "GHSA-6w27-c66f-gvhq" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wxkj-7zgv-x7bc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/117249?format=api", "vulnerability_id": "VCID-xgh4-b9yn-dkh4", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72594", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72671", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27206" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27206", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27206" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T18:08:33Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-g2pj-xmxq-3r9q", "reference_id": "GHSA-g2pj-xmxq-3r9q", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-g2pj-xmxq-3r9q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-27206", "GHSA-g2pj-xmxq-3r9q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgh4-b9yn-dkh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88657?format=api", "vulnerability_id": "VCID-xjd4-w9bn-mbex", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access leading to a limited impact to confidentiality and a high impact to integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69786", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69695", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43585" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43585", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43585" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T17:23:05Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-r487-9vv5-75gg", "reference_id": "GHSA-r487-9vv5-75gg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-r487-9vv5-75gg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-43585", "GHSA-r487-9vv5-75gg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xjd4-w9bn-mbex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97932?format=api", "vulnerability_id": "VCID-xqc4-jf6e-abfg", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.67108", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.67016", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49549" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49549", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49549" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:12:28Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-85jx-x9r4-45m2", "reference_id": "GHSA-85jx-x9r4-45m2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-85jx-x9r4-45m2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-49549", "GHSA-85jx-x9r4-45m2" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xqc4-jf6e-abfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/119460?format=api", "vulnerability_id": "VCID-z97t-ffda-vfes", "summary": "Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Scope is changed to that of other high-privileged accounts, leading to a high impact on confidentiality, integrity, and availability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72759", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72682", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47110" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47110", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47110" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html", "reference_id": "apsb25-50.html", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-10T18:09:25Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-50.html" }, { "reference_url": "https://github.com/advisories/GHSA-j934-vjh5-vf9r", "reference_id": "GHSA-j934-vjh5-vf9r", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-j934-vjh5-vf9r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/378550?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13" }, { "url": "http://public2.vulnerablecode.io/api/packages/378549?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/378548?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6" }, { "url": "http://public2.vulnerablecode.io/api/packages/378782?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p1" }, { "url": "http://public2.vulnerablecode.io/api/packages/34327?format=api", "purl": "pkg:composer/magento/community-edition@2.4.9-alpha1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1" } ], "aliases": [ "CVE-2025-47110", "GHSA-j934-vjh5-vf9r" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z97t-ffda-vfes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124512?format=api", "vulnerability_id": "VCID-za87-d5x9-wuby", "summary": "Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24413", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.803", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.80361", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24413" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24413", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24413" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html", "reference_id": "apsb25-08.html", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:44Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb25-08.html" }, { "reference_url": "https://github.com/advisories/GHSA-xwgx-8v72-4j5j", "reference_id": "GHSA-xwgx-8v72-4j5j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-xwgx-8v72-4j5j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377283?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12" }, { "url": "http://public2.vulnerablecode.io/api/packages/377282?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/377281?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/377280?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4" }, { "url": "http://public2.vulnerablecode.io/api/packages/376306?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-z97t-ffda-vfes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2" } ], "aliases": [ "CVE-2025-24413", "GHSA-xwgx-8v72-4j5j" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-za87-d5x9-wuby" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40651?format=api", "vulnerability_id": "VCID-141w-faqu-w3ay", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24378", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45130" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:33Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45130", "reference_id": "CVE-2024-45130", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45130" }, { "reference_url": "https://github.com/advisories/GHSA-v3v6-jfvw-m576", "reference_id": "GHSA-v3v6-jfvw-m576", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v3v6-jfvw-m576" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45130", "GHSA-v3v6-jfvw-m576" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-141w-faqu-w3ay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40581?format=api", "vulnerability_id": "VCID-16es-u6cy-u3g8", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34021", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.33844", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45149" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:46Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45149", "reference_id": "CVE-2024-45149", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45149" }, { "reference_url": "https://github.com/advisories/GHSA-w7rg-7wq2-pjrw", "reference_id": "GHSA-w7rg-7wq2-pjrw", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w7rg-7wq2-pjrw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45149", "GHSA-w7rg-7wq2-pjrw" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-16es-u6cy-u3g8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40690?format=api", "vulnerability_id": "VCID-1mpb-gzr2-53ar", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45121", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25049", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24849", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45121" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:50Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45121", "reference_id": "CVE-2024-45121", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45121" }, { "reference_url": "https://github.com/advisories/GHSA-2qhq-fw98-h6wg", "reference_id": "GHSA-2qhq-fw98-h6wg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2qhq-fw98-h6wg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45121", "GHSA-2qhq-fw98-h6wg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1mpb-gzr2-53ar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40736?format=api", "vulnerability_id": "VCID-78hy-q8kh-kyh7", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79788", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79723", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45123" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:45Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45123", "reference_id": "CVE-2024-45123", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45123" }, { "reference_url": "https://github.com/advisories/GHSA-88x2-cq34-5fwc", "reference_id": "GHSA-88x2-cq34-5fwc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-88x2-cq34-5fwc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45123", "GHSA-88x2-cq34-5fwc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-78hy-q8kh-kyh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40263?format=api", "vulnerability_id": "VCID-7j68-gund-4qhp", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect confidentiality. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32503", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3232", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45132" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:03Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45132", "reference_id": "CVE-2024-45132", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45132" }, { "reference_url": "https://github.com/advisories/GHSA-5f64-ppmg-cvvm", "reference_id": "GHSA-5f64-ppmg-cvvm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5f64-ppmg-cvvm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45132", "GHSA-5f64-ppmg-cvvm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7j68-gund-4qhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40569?format=api", "vulnerability_id": "VCID-8gwb-c3ck-37f8", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24378", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45129" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:37Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45129", "reference_id": "CVE-2024-45129", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45129" }, { "reference_url": "https://github.com/advisories/GHSA-m58h-998x-66f3", "reference_id": "GHSA-m58h-998x-66f3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m58h-998x-66f3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45129", "GHSA-m58h-998x-66f3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8gwb-c3ck-37f8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40380?format=api", "vulnerability_id": "VCID-a6gj-zm14-aqhq", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14085", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13962", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45128" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:53:58Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45128", "reference_id": "CVE-2024-45128", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45128" }, { "reference_url": "https://github.com/advisories/GHSA-qpp7-742q-58j3", "reference_id": "GHSA-qpp7-742q-58j3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qpp7-742q-58j3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45128", "GHSA-qpp7-742q-58j3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a6gj-zm14-aqhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40470?format=api", "vulnerability_id": "VCID-ax9q-y1rb-33b2", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45124", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27116", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26913", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45124" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:17Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45124", "reference_id": "CVE-2024-45124", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45124" }, { "reference_url": "https://github.com/advisories/GHSA-w3p2-pc3h-69wv", "reference_id": "GHSA-w3p2-pc3h-69wv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w3p2-pc3h-69wv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45124", "GHSA-w3p2-pc3h-69wv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ax9q-y1rb-33b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40273?format=api", "vulnerability_id": "VCID-bfp1-cndf-d7d7", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57905", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57792", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45119" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:58:44Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45119", "reference_id": "CVE-2024-45119", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45119" }, { "reference_url": "https://github.com/advisories/GHSA-g9fm-wc6h-pvgj", "reference_id": "GHSA-g9fm-wc6h-pvgj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g9fm-wc6h-pvgj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45119", "GHSA-g9fm-wc6h-pvgj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bfp1-cndf-d7d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40181?format=api", "vulnerability_id": "VCID-dktm-v3jw-f7de", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22698", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22503", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45120" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:07Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45120", "reference_id": "CVE-2024-45120", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45120" }, { "reference_url": "https://github.com/advisories/GHSA-47jp-46c9-25vf", "reference_id": "GHSA-47jp-46c9-25vf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-47jp-46c9-25vf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45120", "GHSA-47jp-46c9-25vf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dktm-v3jw-f7de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40291?format=api", "vulnerability_id": "VCID-e2t8-b5yy-zkhn", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34623", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34446", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45135" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:00:24Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45135", "reference_id": "CVE-2024-45135", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45135" }, { "reference_url": "https://github.com/advisories/GHSA-8pxg-gcp4-57ww", "reference_id": "GHSA-8pxg-gcp4-57ww", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8pxg-gcp4-57ww" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45135", "GHSA-8pxg-gcp4-57ww" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2t8-b5yy-zkhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40168?format=api", "vulnerability_id": "VCID-ggtj-fbzy-87fx", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30682", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30485", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45122" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:59:49Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45122", "reference_id": "CVE-2024-45122", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45122" }, { "reference_url": "https://github.com/advisories/GHSA-46fm-x82m-5f74", "reference_id": "GHSA-46fm-x82m-5f74", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-46fm-x82m-5f74" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45122", "GHSA-46fm-x82m-5f74" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ggtj-fbzy-87fx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40170?format=api", "vulnerability_id": "VCID-kfct-k5af-n7fu", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin attacker can trick a user into clicking a specially crafted link or submitting a form, malicious scripts may be executed within the context of the victim's browser and have high impact on confidentiality and integrity. Exploitation of this issue requires user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.83391", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01833", "scoring_system": "epss", "scoring_elements": "0.8333", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45116" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-10T13:56:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45116", "reference_id": "CVE-2024-45116", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45116" }, { "reference_url": "https://github.com/advisories/GHSA-873m-72g6-853g", "reference_id": "GHSA-873m-72g6-853g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-873m-72g6-853g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45116", "GHSA-873m-72g6-853g" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfct-k5af-n7fu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40233?format=api", "vulnerability_id": "VCID-mccb-abc5-9yfs", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45118", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25049", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24849", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45118" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:45:03Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45118", "reference_id": "CVE-2024-45118", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45118" }, { "reference_url": "https://github.com/advisories/GHSA-cg52-68fv-94qq", "reference_id": "GHSA-cg52-68fv-94qq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cg52-68fv-94qq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45118", "GHSA-cg52-68fv-94qq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mccb-abc5-9yfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40506?format=api", "vulnerability_id": "VCID-ngx2-ewzf-xbd4", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49812", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49675", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45117" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:29Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45117", "reference_id": "CVE-2024-45117", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L" }, { "value": "6.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45117" }, { "reference_url": "https://github.com/advisories/GHSA-3fr3-gcqh-3m2g", "reference_id": "GHSA-3fr3-gcqh-3m2g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3fr3-gcqh-3m2g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45117", "GHSA-3fr3-gcqh-3m2g" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngx2-ewzf-xbd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40624?format=api", "vulnerability_id": "VCID-pb4n-m8cv-9bb7", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45125", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21237", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21419", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45125" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:06:28Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45125", "reference_id": "CVE-2024-45125", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45125" }, { "reference_url": "https://github.com/advisories/GHSA-xg36-8c2v-jpxh", "reference_id": "GHSA-xg36-8c2v-jpxh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xg36-8c2v-jpxh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45125", "GHSA-xg36-8c2v-jpxh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pb4n-m8cv-9bb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40833?format=api", "vulnerability_id": "VCID-rw4d-b9yt-mbhz", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01887", "scoring_system": "epss", "scoring_elements": "0.83639", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01887", "scoring_system": "epss", "scoring_elements": "0.8358", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45127" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:55Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45127", "reference_id": "CVE-2024-45127", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45127" }, { "reference_url": "https://github.com/advisories/GHSA-c89g-gq5r-2xw2", "reference_id": "GHSA-c89g-gq5r-2xw2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c89g-gq5r-2xw2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45127", "GHSA-c89g-gq5r-2xw2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rw4d-b9yt-mbhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40770?format=api", "vulnerability_id": "VCID-s45p-jru3-w3df", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28838", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28638", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45133" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:05Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45133", "reference_id": "CVE-2024-45133", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45133" }, { "reference_url": "https://github.com/advisories/GHSA-j3mh-wx5f-2vhg", "reference_id": "GHSA-j3mh-wx5f-2vhg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j3mh-wx5f-2vhg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45133", "GHSA-j3mh-wx5f-2vhg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s45p-jru3-w3df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40636?format=api", "vulnerability_id": "VCID-twda-bvut-9bhp", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45134", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30641", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3084", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45134" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:23Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45134", "reference_id": "CVE-2024-45134", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45134" }, { "reference_url": "https://github.com/advisories/GHSA-4f89-5cwm-rm5g", "reference_id": "GHSA-4f89-5cwm-rm5g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4f89-5cwm-rm5g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45134", "GHSA-4f89-5cwm-rm5g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twda-bvut-9bhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40166?format=api", "vulnerability_id": "VCID-vgz6-nvj3-xqft", "summary": "Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality and integrity. Exploitation of this issue does not require user interaction.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32565", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32384", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45131" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html", "reference_id": "apsb24-73.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:38Z/" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb24-73.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45131", "reference_id": "CVE-2024-45131", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45131" }, { "reference_url": "https://github.com/advisories/GHSA-xc5p-773w-m3pm", "reference_id": "GHSA-xc5p-773w-m3pm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xc5p-773w-m3pm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33792?format=api", "purl": "pkg:composer/magento/community-edition@2.4.4-p11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }, { "url": "http://public2.vulnerablecode.io/api/packages/33790?format=api", "purl": "pkg:composer/magento/community-edition@2.4.5-p10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10" }, { "url": "http://public2.vulnerablecode.io/api/packages/33789?format=api", "purl": "pkg:composer/magento/community-edition@2.4.6-p8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/33791?format=api", "purl": "pkg:composer/magento/community-edition@2.4.7-p3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-53sd-5nuj-e7d9" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gakd-m2af-z7c2" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-xgh4-b9yn-dkh4" }, { "vulnerability": "VCID-xjd4-w9bn-mbex" }, { "vulnerability": "VCID-xqc4-jf6e-abfg" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3" }, { "url": "http://public2.vulnerablecode.io/api/packages/34330?format=api", "purl": "pkg:composer/magento/community-edition@2.4.8-beta1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vq9-br2m-dbby" }, { "vulnerability": "VCID-313z-h2v4-c3fr" }, { "vulnerability": "VCID-3a8p-9krx-23e8" }, { "vulnerability": "VCID-4nqq-nrne-17a2" }, { "vulnerability": "VCID-5edy-fp8q-97fp" }, { "vulnerability": "VCID-6d1u-exkw-hbfu" }, { "vulnerability": "VCID-7bmk-3ab2-9ba6" }, { "vulnerability": "VCID-9gb1-p5qf-3kd2" }, { "vulnerability": "VCID-9gbf-swtt-7bhz" }, { "vulnerability": "VCID-bvfd-gs5b-dyg7" }, { "vulnerability": "VCID-ctrj-y3d6-a7dv" }, { "vulnerability": "VCID-cyy2-3rr3-jkc8" }, { "vulnerability": "VCID-d9zc-rh9p-4bde" }, { "vulnerability": "VCID-dytj-h56v-bke9" }, { "vulnerability": "VCID-esjc-zzqy-nycf" }, { "vulnerability": "VCID-eusf-bc81-9uhv" }, { "vulnerability": "VCID-ferd-u8gt-akds" }, { "vulnerability": "VCID-fqkf-67fw-cyb8" }, { "vulnerability": "VCID-gac9-1nnp-67cc" }, { "vulnerability": "VCID-gx3s-7cxk-pyfc" }, { "vulnerability": "VCID-gzga-qjaf-kugh" }, { "vulnerability": "VCID-h2ju-dedu-fqad" }, { "vulnerability": "VCID-jc6r-vmnc-r3g9" }, { "vulnerability": "VCID-kjc9-vrhf-hfav" }, { "vulnerability": "VCID-ktnj-j4xu-uufs" }, { "vulnerability": "VCID-kxjv-xm7r-hkhs" }, { "vulnerability": "VCID-ntst-nee5-63d3" }, { "vulnerability": "VCID-pcm6-819d-6uhm" }, { "vulnerability": "VCID-pfvk-8q6r-e7c5" }, { "vulnerability": "VCID-psnm-zaza-tuf9" }, { "vulnerability": "VCID-pu8a-r3v2-g7h9" }, { "vulnerability": "VCID-q68u-w433-tqb9" }, { "vulnerability": "VCID-qh9p-8b9r-mufh" }, { "vulnerability": "VCID-rm7u-jwat-v7f1" }, { "vulnerability": "VCID-t4gd-uv9g-ukh5" }, { "vulnerability": "VCID-twdq-g82m-nqcp" }, { "vulnerability": "VCID-u9vz-axk1-fqfn" }, { "vulnerability": "VCID-wxkj-7zgv-x7bc" }, { "vulnerability": "VCID-z97t-ffda-vfes" }, { "vulnerability": "VCID-za87-d5x9-wuby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1" } ], "aliases": [ "CVE-2024-45131", "GHSA-xc5p-773w-m3pm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgz6-nvj3-xqft" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11" }