{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","type":"composer","namespace":"magento","name":"community-edition","version":"2.4.4-p11","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.4.6-p13","latest_non_vulnerable_version":"2.4.9-alpha3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124324?format=json","vulnerability_id":"VCID-1vq9-br2m-dbby","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438","reference_id":"","reference_type":"","scores":[{"value":"0.04462","scoring_system":"epss","scoring_elements":"0.89368","published_at":"2026-06-12T12:55:00Z"},{"value":"0.04462","scoring_system":"epss","scoring_elements":"0.89331","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:43Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4","reference_id":"GHSA-8884-7rm9-mrx4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24438","GHSA-8884-7rm9-mrx4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1vq9-br2m-dbby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124201?format=json","vulnerability_id":"VCID-313z-h2v4-c3fr","summary":"Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35373","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3555","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:53Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8","reference_id":"GHSA-ghpr-6qhr-rpp8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24436","GHSA-ghpr-6qhr-rpp8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-313z-h2v4-c3fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124669?format=json","vulnerability_id":"VCID-3a8p-9krx-23e8","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access affecting Confidentiality and Integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28891","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29093","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:40Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-36hw-x3cc-m258","reference_id":"GHSA-36hw-x3cc-m258","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-36hw-x3cc-m258"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24411","GHSA-36hw-x3cc-m258"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3a8p-9krx-23e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88199?format=json","vulnerability_id":"VCID-4nqq-nrne-17a2","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54266","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18174","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18338","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54266"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:24:32Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54266","reference_id":"CVE-2025-54266","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54266"},{"reference_url":"https://github.com/advisories/GHSA-pcrx-r49h-x2w5","reference_id":"GHSA-pcrx-r49h-x2w5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pcrx-r49h-x2w5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54266","GHSA-pcrx-r49h-x2w5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4nqq-nrne-17a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97922?format=json","vulnerability_id":"VCID-53sd-5nuj-e7d9","summary":"Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49557","reference_id":"","reference_type":"","scores":[{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.49258","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00255","scoring_system":"epss","scoring_elements":"0.4912","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49557"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49557","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49557"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"apsb25-71.html","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:12Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://github.com/advisories/GHSA-8mq8-c243-2335","reference_id":"GHSA-8mq8-c243-2335","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8mq8-c243-2335"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377756?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p15","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p15"},{"url":"http://public2.vulnerablecode.io/api/packages/27375?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bw2-wubb-hqdf"},{"vulnerability":"VCID-2tge-6ken-kqge"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-549e-3kmc-cyfw"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6gtw-hr2w-5fcd"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7hqr-a671-wfhq"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-8r3a-tuwb-k3f5"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9kv7-4rer-m3fs"},{"vulnerability":"VCID-afft-etfr-n3ep"},{"vulnerability":"VCID-df8h-8pgg-efg2"},{"vulnerability":"VCID-drw7-nqdq-sfgj"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-eban-ja9z-f7ep"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ezee-pmc6-tuc2"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ff1h-49j6-fygj"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-frhp-vgpt-g7am"},{"vulnerability":"VCID-fz2x-ms14-pkfs"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-kbkg-d58m-h7bf"},{"vulnerability":"VCID-kf6b-mshs-23fa"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-mb5s-j22m-3qdx"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pzjb-n7ah-ffcg"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-qcwq-814h-63c2"},{"vulnerability":"VCID-qgse-3kg2-7ke7"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-swsg-c57z-1fe5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u7wj-vk3w-sbb8"},{"vulnerability":"VCID-v4kk-tszr-puge"},{"vulnerability":"VCID-vgck-qufa-y7g8"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xgk2-yecx-q3ff"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-xrwz-zqgd-7yc5"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zthr-mpwx-1fef"},{"vulnerability":"VCID-zv6m-4py8-3ydq"},{"vulnerability":"VCID-zwem-swqk-1kaz"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/377522?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/377521?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377520?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/34327?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-49557","GHSA-8mq8-c243-2335"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53sd-5nuj-e7d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124340?format=json","vulnerability_id":"VCID-5edy-fp8q-97fp","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.803","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80361","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2","reference_id":"GHSA-g3j6-9753-8mp2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24417","GHSA-g3j6-9753-8mp2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5edy-fp8q-97fp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87661?format=json","vulnerability_id":"VCID-6d1u-exkw-hbfu","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54236","reference_id":"","reference_type":"","scores":[{"value":"0.72152","scoring_system":"epss","scoring_elements":"0.98777","published_at":"2026-06-12T12:55:00Z"},{"value":"0.72152","scoring_system":"epss","scoring_elements":"0.98772","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54236"},{"reference_url":"https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54236","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54236"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-88.html","reference_id":"apsb25-88.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-10-24T14:08:30Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-88.html"},{"reference_url":"https://github.com/advisories/GHSA-wh92-6q6g-px7j","reference_id":"GHSA-wh92-6q6g-px7j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wh92-6q6g-px7j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380834?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-1bw2-wubb-hqdf"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-2tge-6ken-kqge"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-549e-3kmc-cyfw"},{"vulnerability":"VCID-6gtw-hr2w-5fcd"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7hqr-a671-wfhq"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-8r3a-tuwb-k3f5"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-afft-etfr-n3ep"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-df8h-8pgg-efg2"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-eban-ja9z-f7ep"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ezee-pmc6-tuc2"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ff1h-49j6-fygj"},{"vulnerability":"VCID-frhp-vgpt-g7am"},{"vulnerability":"VCID-fz2x-ms14-pkfs"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kbkg-d58m-h7bf"},{"vulnerability":"VCID-kf6b-mshs-23fa"},{"vulnerability":"VCID-mb5s-j22m-3qdx"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pzjb-n7ah-ffcg"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qgse-3kg2-7ke7"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-swsg-c57z-1fe5"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-u7wj-vk3w-sbb8"},{"vulnerability":"VCID-v4kk-tszr-puge"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-xgk2-yecx-q3ff"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xrwz-zqgd-7yc5"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zthr-mpwx-1fef"},{"vulnerability":"VCID-zv6m-4py8-3ydq"},{"vulnerability":"VCID-zwem-swqk-1kaz"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/380578?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-158t-bqnb-83d4"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1bw2-wubb-hqdf"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-3ydj-usv4-47fq"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4b5p-wqtj-7kbe"},{"vulnerability":"VCID-549e-3kmc-cyfw"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-eban-ja9z-f7ep"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-frhp-vgpt-g7am"},{"vulnerability":"VCID-fz2x-ms14-pkfs"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jeur-3jww-dqee"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kf6b-mshs-23fa"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-pzjb-n7ah-ffcg"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-u52p-wrjp-quhk"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgk2-yecx-q3ff"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zthr-mpwx-1fef"},{"vulnerability":"VCID-zv6m-4py8-3ydq"},{"vulnerability":"VCID-zwem-swqk-1kaz"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p2"}],"aliases":["CVE-2025-54236","GHSA-wh92-6q6g-px7j"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6d1u-exkw-hbfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88207?format=json","vulnerability_id":"VCID-7bmk-3ab2-9ba6","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54267","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20479","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20657","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54267"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-16T03:56:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54267","reference_id":"CVE-2025-54267","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54267"},{"reference_url":"https://github.com/advisories/GHSA-qvwr-p3hj-j6jf","reference_id":"GHSA-qvwr-p3hj-j6jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qvwr-p3hj-j6jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54267","GHSA-qvwr-p3hj-j6jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7bmk-3ab2-9ba6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98404?format=json","vulnerability_id":"VCID-9gb1-p5qf-3kd2","summary":"Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability by manipulating the timing between the check of a resource's state and its use, allowing unauthorized write access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49558","reference_id":"","reference_type":"","scores":[{"value":"0.01616","scoring_system":"epss","scoring_elements":"0.82277","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01616","scoring_system":"epss","scoring_elements":"0.82215","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49558"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49558","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49558"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"apsb25-71.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:13Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://github.com/advisories/GHSA-wcmw-8xpp-rwfj","reference_id":"GHSA-wcmw-8xpp-rwfj","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wcmw-8xpp-rwfj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377522?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/377521?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377520?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/377519?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/377518?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49558","GHSA-wcmw-8xpp-rwfj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9gb1-p5qf-3kd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124633?format=json","vulnerability_id":"VCID-9gbf-swtt-7bhz","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424","reference_id":"","reference_type":"","scores":[{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45317","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45466","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-539v-w87w-w62c","reference_id":"GHSA-539v-w87w-w62c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-539v-w87w-w62c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24424","GHSA-539v-w87w-w62c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9gbf-swtt-7bhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/117174?format=json","vulnerability_id":"VCID-bvfd-gs5b-dyg7","summary":"Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27190","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50382","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50515","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27190"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27190","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27190"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"apsb25-26.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:02Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://github.com/advisories/GHSA-6wq7-cg9h-mj6q","reference_id":"GHSA-6wq7-cg9h-mj6q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6wq7-cg9h-mj6q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376305?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/376304?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/376303?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/376302?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27190","GHSA-6wq7-cg9h-mj6q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvfd-gs5b-dyg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124816?format=json","vulnerability_id":"VCID-ctrj-y3d6-a7dv","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434","reference_id":"","reference_type":"","scores":[{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44103","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44257","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c","reference_id":"GHSA-fppq-f2m6-xv5c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24434","GHSA-fppq-f2m6-xv5c"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ctrj-y3d6-a7dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124822?format=json","vulnerability_id":"VCID-cyy2-3rr3-jkc8","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to read select data. Exploitation of this issue does not require user interaction","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3555","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:01Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr","reference_id":"GHSA-v6r2-425c-hfrr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24421","GHSA-v6r2-425c-hfrr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cyy2-3rr3-jkc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124768?format=json","vulnerability_id":"VCID-d9zc-rh9p-4bde","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass allowing read only access. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39695","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39865","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv","reference_id":"GHSA-656q-fx2w-8ccv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24429","GHSA-656q-fx2w-8ccv"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d9zc-rh9p-4bde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124253?format=json","vulnerability_id":"VCID-dytj-h56v-bke9","summary":"Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to modify limited fields. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40491","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40659","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:16Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-82p4-55gj-956p","reference_id":"GHSA-82p4-55gj-956p","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-82p4-55gj-956p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24435","GHSA-82p4-55gj-956p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dytj-h56v-bke9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124732?format=json","vulnerability_id":"VCID-esjc-zzqy-nycf","summary":"Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408","reference_id":"","reference_type":"","scores":[{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.5972","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59828","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:13Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8","reference_id":"GHSA-3cfg-w257-cgf8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24408","GHSA-3cfg-w257-cgf8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-esjc-zzqy-nycf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88335?format=json","vulnerability_id":"VCID-eusf-bc81-9uhv","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54263","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.26114","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25914","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54263"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54263","reference_id":"CVE-2025-54263","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54263"},{"reference_url":"https://github.com/advisories/GHSA-69x9-xp2j-w8g8","reference_id":"GHSA-69x9-xp2j-w8g8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-69x9-xp2j-w8g8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54263","GHSA-69x9-xp2j-w8g8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eusf-bc81-9uhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124891?format=json","vulnerability_id":"VCID-ferd-u8gt-akds","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46829","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46685","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:36Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-954p-ff72-327w","reference_id":"GHSA-954p-ff72-327w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-954p-ff72-327w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24406","GHSA-954p-ff72-327w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ferd-u8gt-akds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97905?format=json","vulnerability_id":"VCID-fqkf-67fw-cyb8","summary":"Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49559","reference_id":"","reference_type":"","scores":[{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.85068","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02291","scoring_system":"epss","scoring_elements":"0.85121","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49559"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49559","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49559"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"apsb25-71.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://github.com/advisories/GHSA-h4f4-gv6h-x824","reference_id":"GHSA-h4f4-gv6h-x824","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-h4f4-gv6h-x824"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377522?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/377521?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377520?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/377519?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/377518?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49559","GHSA-h4f4-gv6h-x824"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fqkf-67fw-cyb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124047?format=json","vulnerability_id":"VCID-gac9-1nnp-67cc","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing rate limiting mechanisms. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27887","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27686","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:09:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47","reference_id":"GHSA-7jmr-43qj-pw47","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24432","GHSA-7jmr-43qj-pw47"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gac9-1nnp-67cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98222?format=json","vulnerability_id":"VCID-gakd-m2af-z7c2","summary":"Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49550","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.65051","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64951","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49550"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49550","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49550"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"apsb25-50.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:07:51Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://github.com/advisories/GHSA-8hcx-xvww-6c6h","reference_id":"GHSA-8hcx-xvww-6c6h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8hcx-xvww-6c6h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/378550?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/378549?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/378548?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/34327?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-49550","GHSA-8hcx-xvww-6c6h"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gakd-m2af-z7c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98053?format=json","vulnerability_id":"VCID-gx3s-7cxk-pyfc","summary":"Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction, and scope is unchanged.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49556","reference_id":"","reference_type":"","scores":[{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77994","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01048","scoring_system":"epss","scoring_elements":"0.77927","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49556"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49556","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49556"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"apsb25-71.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:25Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://github.com/advisories/GHSA-7hrj-3c9x-xv5h","reference_id":"GHSA-7hrj-3c9x-xv5h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7hrj-3c9x-xv5h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377522?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/377521?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377520?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/377519?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/377518?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49556","GHSA-7hrj-3c9x-xv5h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gx3s-7cxk-pyfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124171?format=json","vulnerability_id":"VCID-gzga-qjaf-kugh","summary":"Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428","reference_id":"","reference_type":"","scores":[{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77716","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77648","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr","reference_id":"GHSA-mm87-rrqx-94cr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24428","GHSA-mm87-rrqx-94cr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gzga-qjaf-kugh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87827?format=json","vulnerability_id":"VCID-h2ju-dedu-fqad","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54265","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29688","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29491","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54265"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:35:42Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54265","reference_id":"CVE-2025-54265","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54265"},{"reference_url":"https://github.com/advisories/GHSA-r355-75hw-r8jf","reference_id":"GHSA-r355-75hw-r8jf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r355-75hw-r8jf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54265","GHSA-r355-75hw-r8jf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2ju-dedu-fqad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/117136?format=json","vulnerability_id":"VCID-jc6r-vmnc-r3g9","summary":"Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27188","reference_id":"","reference_type":"","scores":[{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36317","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36497","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27188"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27188","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27188"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"apsb25-26.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:30Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://github.com/advisories/GHSA-rr2g-rrjj-xw86","reference_id":"GHSA-rr2g-rrjj-xw86","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rr2g-rrjj-xw86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376305?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/376304?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/376303?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/30241?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-141w-faqu-w3ay"},{"vulnerability":"VCID-16es-u6cy-u3g8"},{"vulnerability":"VCID-1mpb-gzr2-53ar"},{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-2t3q-pmg5-qyhn"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-368r-um85-k3d2"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-3s5p-wb18-13ge"},{"vulnerability":"VCID-3uj4-thpr-cue1"},{"vulnerability":"VCID-466x-mpt9-gbgy"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-6v47-xgpq-zkgf"},{"vulnerability":"VCID-78hy-q8kh-kyh7"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-7j68-gund-4qhp"},{"vulnerability":"VCID-8365-zgh2-w3cc"},{"vulnerability":"VCID-8gwb-c3ck-37f8"},{"vulnerability":"VCID-8hfe-bt2u-37f9"},{"vulnerability":"VCID-96hr-sbyj-27dw"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-a6gj-zm14-aqhq"},{"vulnerability":"VCID-ax9q-y1rb-33b2"},{"vulnerability":"VCID-bfp1-cndf-d7d7"},{"vulnerability":"VCID-bftg-2sea-57cv"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dktm-v3jw-f7de"},{"vulnerability":"VCID-dsy7-gm7v-tqc8"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-e2t8-b5yy-zkhn"},{"vulnerability":"VCID-e9g4-n5c8-6yf9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fb5x-afrq-87aj"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-ggtj-fbzy-87fx"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gxbc-u5mr-f3c9"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-j9e4-4xta-6qc5"},{"vulnerability":"VCID-jkrp-j7st-27f3"},{"vulnerability":"VCID-jnuu-9mt7-jyd5"},{"vulnerability":"VCID-jyhf-huep-tya2"},{"vulnerability":"VCID-kfct-k5af-n7fu"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-mccb-abc5-9yfs"},{"vulnerability":"VCID-ngx2-ewzf-xbd4"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pb4n-m8cv-9bb7"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q12a-kwpk-yufv"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qbx1-jqke-v7hf"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-qnpc-4r4b-3uhx"},{"vulnerability":"VCID-qr8w-qwb5-6uag"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-rw4d-b9yt-mbhz"},{"vulnerability":"VCID-s45p-jru3-w3df"},{"vulnerability":"VCID-s7t9-h2jx-9bgr"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twda-bvut-9bhp"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-vgz6-nvj3-xqft"},{"vulnerability":"VCID-vwpg-z9en-6yej"},{"vulnerability":"VCID-wfdz-b6c4-quhq"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xmby-7b1y-v3cn"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"},{"vulnerability":"VCID-zssu-1dmn-sycb"},{"vulnerability":"VCID-zym7-1cr7-mkaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/376302?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/34325?format=json","purl":"pkg:composer/magento/community-edition@2.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8"}],"aliases":["CVE-2025-27188","GHSA-rr2g-rrjj-xw86"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jc6r-vmnc-r3g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124493?format=json","vulnerability_id":"VCID-kjc9-vrhf-hfav","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40491","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40659","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg","reference_id":"GHSA-v3hq-g424-5mgg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24427","GHSA-v3hq-g424-5mgg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kjc9-vrhf-hfav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97819?format=json","vulnerability_id":"VCID-ktnj-j4xu-uufs","summary":"Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege escalation. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated, potentially allowing unauthorized access or modification of sensitive data. Exploitation of this issue requires user interaction in that a victim must visit a malicious website or click on a crafted link. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49555","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59261","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59149","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49555"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49555","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49555"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"apsb25-71.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T15:04:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://github.com/advisories/GHSA-5777-jj7p-mpqw","reference_id":"GHSA-5777-jj7p-mpqw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5777-jj7p-mpqw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377522?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/377521?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377520?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/377519?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/377518?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49555","GHSA-5777-jj7p-mpqw"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ktnj-j4xu-uufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/116898?format=json","vulnerability_id":"VCID-kxjv-xm7r-hkhs","summary":"Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27191","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50382","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50515","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27191"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27191","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27191"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"apsb25-26.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:08Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://github.com/advisories/GHSA-vhcq-4xrm-2cr2","reference_id":"GHSA-vhcq-4xrm-2cr2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vhcq-4xrm-2cr2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376305?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/376304?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/376303?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/376302?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27191","GHSA-vhcq-4xrm-2cr2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kxjv-xm7r-hkhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124632?format=json","vulnerability_id":"VCID-ntst-nee5-63d3","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410","reference_id":"","reference_type":"","scores":[{"value":"0.01784","scoring_system":"epss","scoring_elements":"0.83137","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01784","scoring_system":"epss","scoring_elements":"0.83198","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q","reference_id":"GHSA-gjxp-46rq-wg4q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24410","GHSA-gjxp-46rq-wg4q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntst-nee5-63d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87743?format=json","vulnerability_id":"VCID-pcm6-819d-6uhm","summary":"Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54264","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44191","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44038","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54264"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html","reference_id":"apsb25-94.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-94.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54264","reference_id":"CVE-2025-54264","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54264"},{"reference_url":"https://github.com/advisories/GHSA-2768-5wmv-cfff","reference_id":"GHSA-2768-5wmv-cfff","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2768-5wmv-cfff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34326?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/34329?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/34331?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34328?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha3"}],"aliases":["CVE-2025-54264","GHSA-2768-5wmv-cfff"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pcm6-819d-6uhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124042?format=json","vulnerability_id":"VCID-pfvk-8q6r-e7c5","summary":"Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain elevated privileges. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35704","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35884","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:35Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv","reference_id":"GHSA-469f-wf4f-3jjv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24437","GHSA-469f-wf4f-3jjv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pfvk-8q6r-e7c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124216?format=json","vulnerability_id":"VCID-psnm-zaza-tuf9","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.803","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80361","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv","reference_id":"GHSA-fhw6-3mj5-w9gv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24414","GHSA-fhw6-3mj5-w9gv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-psnm-zaza-tuf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124011?format=json","vulnerability_id":"VCID-pu8a-r3v2-g7h9","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.803","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80361","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:48Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9","reference_id":"GHSA-rjjw-g6hw-7pc9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24416","GHSA-rjjw-g6hw-7pc9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pu8a-r3v2-g7h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/116851?format=json","vulnerability_id":"VCID-q68u-w433-tqb9","summary":"Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass. A high privileged attacker could exploit this vulnerability to gain unauthorized access to protected resources by obtaining sensitive credential information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27192","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28266","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28067","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27192"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27192","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27192"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"apsb25-26.html","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://github.com/advisories/GHSA-2r94-wm5v-4prx","reference_id":"GHSA-2r94-wm5v-4prx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2r94-wm5v-4prx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376305?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/376304?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/376303?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/376302?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27192","GHSA-2r94-wm5v-4prx"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q68u-w433-tqb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124648?format=json","vulnerability_id":"VCID-qh9p-8b9r-mufh","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.803","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80361","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:41Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px","reference_id":"GHSA-m4rg-mpp2-97px","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24412","GHSA-m4rg-mpp2-97px"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qh9p-8b9r-mufh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124166?format=json","vulnerability_id":"VCID-rm7u-jwat-v7f1","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11  and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both a High impact to confidentiality and Low impact to integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34804","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34983","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:11:11Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-vw47-79jv-3598","reference_id":"GHSA-vw47-79jv-3598","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vw47-79jv-3598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24409","GHSA-vw47-79jv-3598"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rm7u-jwat-v7f1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124016?format=json","vulnerability_id":"VCID-t4gd-uv9g-ukh5","summary":"Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.48044","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.48182","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:39Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh","reference_id":"GHSA-6ff8-jrfg-43hh","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24425","GHSA-6ff8-jrfg-43hh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4gd-uv9g-ukh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97813?format=json","vulnerability_id":"VCID-twdq-g82m-nqcp","summary":"Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49554","reference_id":"","reference_type":"","scores":[{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77538","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01005","scoring_system":"epss","scoring_elements":"0.77469","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49554"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49554","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49554"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html","reference_id":"apsb25-71.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:18:27Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-71.html"},{"reference_url":"https://github.com/advisories/GHSA-xgfm-992v-h2hr","reference_id":"GHSA-xgfm-992v-h2hr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xgfm-992v-h2hr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377522?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p14"},{"url":"http://public2.vulnerablecode.io/api/packages/377521?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377520?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/377519?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/377518?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-pcm6-819d-6uhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha2"}],"aliases":["CVE-2025-49554","GHSA-xgfm-992v-h2hr"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-twdq-g82m-nqcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124757?format=json","vulnerability_id":"VCID-u9vz-axk1-fqfn","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.803","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80361","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r","reference_id":"GHSA-gc27-rvvm-q77r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24415","GHSA-gc27-rvvm-q77r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9vz-axk1-fqfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124857?format=json","vulnerability_id":"VCID-wxkj-7zgv-x7bc","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing rate limiting mechanisms. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27887","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27686","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq","reference_id":"GHSA-6w27-c66f-gvhq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24430","GHSA-6w27-c66f-gvhq"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxkj-7zgv-x7bc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/117249?format=json","vulnerability_id":"VCID-xgh4-b9yn-dkh4","summary":"Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27206","reference_id":"","reference_type":"","scores":[{"value":"0.00706","scoring_system":"epss","scoring_elements":"0.72594","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00706","scoring_system":"epss","scoring_elements":"0.72671","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27206"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27206","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27206"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"apsb25-50.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T18:08:33Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://github.com/advisories/GHSA-g2pj-xmxq-3r9q","reference_id":"GHSA-g2pj-xmxq-3r9q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g2pj-xmxq-3r9q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/378550?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/378549?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/378548?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/34327?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-27206","GHSA-g2pj-xmxq-3r9q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xgh4-b9yn-dkh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88657?format=json","vulnerability_id":"VCID-xjd4-w9bn-mbex","summary":"Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access leading to a limited impact to confidentiality and a high impact to integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-43585","reference_id":"","reference_type":"","scores":[{"value":"0.00591","scoring_system":"epss","scoring_elements":"0.69786","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00591","scoring_system":"epss","scoring_elements":"0.69695","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-43585"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43585","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43585"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"apsb25-50.html","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-10T17:23:05Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://github.com/advisories/GHSA-r487-9vv5-75gg","reference_id":"GHSA-r487-9vv5-75gg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-r487-9vv5-75gg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/378550?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/378549?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/378548?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/34327?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-43585","GHSA-r487-9vv5-75gg"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xjd4-w9bn-mbex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97932?format=json","vulnerability_id":"VCID-xqc4-jf6e-abfg","summary":"Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49549","reference_id":"","reference_type":"","scores":[{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.67108","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.67016","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49549"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49549","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-49549"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"apsb25-50.html","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T18:12:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://github.com/advisories/GHSA-85jx-x9r4-45m2","reference_id":"GHSA-85jx-x9r4-45m2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-85jx-x9r4-45m2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/378550?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/378549?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/378548?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/34327?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-49549","GHSA-85jx-x9r4-45m2"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xqc4-jf6e-abfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/119460?format=json","vulnerability_id":"VCID-z97t-ffda-vfes","summary":"Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Scope is changed to that of other high-privileged accounts, leading to a high impact on confidentiality, integrity, and availability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47110","reference_id":"","reference_type":"","scores":[{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72759","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00709","scoring_system":"epss","scoring_elements":"0.72682","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47110"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47110","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47110"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html","reference_id":"apsb25-50.html","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-10T18:09:25Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-50.html"},{"reference_url":"https://github.com/advisories/GHSA-j934-vjh5-vf9r","reference_id":"GHSA-j934-vjh5-vf9r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j934-vjh5-vf9r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/378550?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/378549?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/378548?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/378782?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/34327?format=json","purl":"pkg:composer/magento/community-edition@2.4.9-alpha1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.9-alpha1"}],"aliases":["CVE-2025-47110","GHSA-j934-vjh5-vf9r"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z97t-ffda-vfes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124512?format=json","vulnerability_id":"VCID-za87-d5x9-wuby","summary":"Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.803","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80361","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"apsb25-08.html","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j","reference_id":"GHSA-xwgx-8v72-4j5j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/377283?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/377282?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/377281?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/377280?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/376306?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-z97t-ffda-vfes"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24413","GHSA-xwgx-8v72-4j5j"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-za87-d5x9-wuby"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40651?format=json","vulnerability_id":"VCID-141w-faqu-w3ay","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24182","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24378","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:33Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130","reference_id":"CVE-2024-45130","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130"},{"reference_url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576","reference_id":"GHSA-v3v6-jfvw-m576","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45130","GHSA-v3v6-jfvw-m576"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-141w-faqu-w3ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40581?format=json","vulnerability_id":"VCID-16es-u6cy-u3g8","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34021","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33844","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:46Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149","reference_id":"CVE-2024-45149","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149"},{"reference_url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw","reference_id":"GHSA-w7rg-7wq2-pjrw","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45149","GHSA-w7rg-7wq2-pjrw"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-16es-u6cy-u3g8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40690?format=json","vulnerability_id":"VCID-1mpb-gzr2-53ar","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.25049","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24849","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121","reference_id":"CVE-2024-45121","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121"},{"reference_url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg","reference_id":"GHSA-2qhq-fw98-h6wg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45121","GHSA-2qhq-fw98-h6wg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mpb-gzr2-53ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40736?format=json","vulnerability_id":"VCID-78hy-q8kh-kyh7","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123","reference_id":"","reference_type":"","scores":[{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79788","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79723","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123","reference_id":"CVE-2024-45123","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123"},{"reference_url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc","reference_id":"GHSA-88x2-cq34-5fwc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45123","GHSA-88x2-cq34-5fwc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-78hy-q8kh-kyh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40263?format=json","vulnerability_id":"VCID-7j68-gund-4qhp","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32503","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3232","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132","reference_id":"CVE-2024-45132","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132"},{"reference_url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm","reference_id":"GHSA-5f64-ppmg-cvvm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45132","GHSA-5f64-ppmg-cvvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7j68-gund-4qhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40569?format=json","vulnerability_id":"VCID-8gwb-c3ck-37f8","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24182","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24378","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129","reference_id":"CVE-2024-45129","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129"},{"reference_url":"https://github.com/advisories/GHSA-m58h-998x-66f3","reference_id":"GHSA-m58h-998x-66f3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m58h-998x-66f3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45129","GHSA-m58h-998x-66f3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8gwb-c3ck-37f8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40380?format=json","vulnerability_id":"VCID-a6gj-zm14-aqhq","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14085","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13962","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:53:58Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128","reference_id":"CVE-2024-45128","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128"},{"reference_url":"https://github.com/advisories/GHSA-qpp7-742q-58j3","reference_id":"GHSA-qpp7-742q-58j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qpp7-742q-58j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45128","GHSA-qpp7-742q-58j3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a6gj-zm14-aqhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40470?format=json","vulnerability_id":"VCID-ax9q-y1rb-33b2","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27116","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26913","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124","reference_id":"CVE-2024-45124","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124"},{"reference_url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv","reference_id":"GHSA-w3p2-pc3h-69wv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45124","GHSA-w3p2-pc3h-69wv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ax9q-y1rb-33b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40273?format=json","vulnerability_id":"VCID-bfp1-cndf-d7d7","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119","reference_id":"","reference_type":"","scores":[{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57905","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57792","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:58:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119","reference_id":"CVE-2024-45119","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119"},{"reference_url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj","reference_id":"GHSA-g9fm-wc6h-pvgj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45119","GHSA-g9fm-wc6h-pvgj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bfp1-cndf-d7d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40181?format=json","vulnerability_id":"VCID-dktm-v3jw-f7de","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22698","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22503","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:07Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120","reference_id":"CVE-2024-45120","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120"},{"reference_url":"https://github.com/advisories/GHSA-47jp-46c9-25vf","reference_id":"GHSA-47jp-46c9-25vf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-47jp-46c9-25vf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45120","GHSA-47jp-46c9-25vf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dktm-v3jw-f7de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40291?format=json","vulnerability_id":"VCID-e2t8-b5yy-zkhn","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34623","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34446","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:00:24Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135","reference_id":"CVE-2024-45135","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135"},{"reference_url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww","reference_id":"GHSA-8pxg-gcp4-57ww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45135","GHSA-8pxg-gcp4-57ww"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2t8-b5yy-zkhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40168?format=json","vulnerability_id":"VCID-ggtj-fbzy-87fx","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30682","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30485","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:59:49Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122","reference_id":"CVE-2024-45122","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122"},{"reference_url":"https://github.com/advisories/GHSA-46fm-x82m-5f74","reference_id":"GHSA-46fm-x82m-5f74","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-46fm-x82m-5f74"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45122","GHSA-46fm-x82m-5f74"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggtj-fbzy-87fx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40170?format=json","vulnerability_id":"VCID-kfct-k5af-n7fu","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin attacker can trick a user into clicking a specially crafted link or submitting a form, malicious scripts may be executed within the context of the victim's browser and have high impact on confidentiality and integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116","reference_id":"","reference_type":"","scores":[{"value":"0.01833","scoring_system":"epss","scoring_elements":"0.83391","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01833","scoring_system":"epss","scoring_elements":"0.8333","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-10T13:56:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116","reference_id":"CVE-2024-45116","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116"},{"reference_url":"https://github.com/advisories/GHSA-873m-72g6-853g","reference_id":"GHSA-873m-72g6-853g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-873m-72g6-853g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45116","GHSA-873m-72g6-853g"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kfct-k5af-n7fu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40233?format=json","vulnerability_id":"VCID-mccb-abc5-9yfs","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.25049","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24849","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:45:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118","reference_id":"CVE-2024-45118","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118"},{"reference_url":"https://github.com/advisories/GHSA-cg52-68fv-94qq","reference_id":"GHSA-cg52-68fv-94qq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cg52-68fv-94qq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45118","GHSA-cg52-68fv-94qq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mccb-abc5-9yfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40506?format=json","vulnerability_id":"VCID-ngx2-ewzf-xbd4","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49812","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49675","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117","reference_id":"CVE-2024-45117","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117"},{"reference_url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g","reference_id":"GHSA-3fr3-gcqh-3m2g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45117","GHSA-3fr3-gcqh-3m2g"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ngx2-ewzf-xbd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40624?format=json","vulnerability_id":"VCID-pb4n-m8cv-9bb7","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21237","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21419","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:06:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125","reference_id":"CVE-2024-45125","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125"},{"reference_url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh","reference_id":"GHSA-xg36-8c2v-jpxh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45125","GHSA-xg36-8c2v-jpxh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pb4n-m8cv-9bb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40833?format=json","vulnerability_id":"VCID-rw4d-b9yt-mbhz","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127","reference_id":"","reference_type":"","scores":[{"value":"0.01887","scoring_system":"epss","scoring_elements":"0.83639","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01887","scoring_system":"epss","scoring_elements":"0.8358","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:55Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127","reference_id":"CVE-2024-45127","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127"},{"reference_url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2","reference_id":"GHSA-c89g-gq5r-2xw2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45127","GHSA-c89g-gq5r-2xw2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rw4d-b9yt-mbhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40770?format=json","vulnerability_id":"VCID-s45p-jru3-w3df","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28838","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28638","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:05Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133","reference_id":"CVE-2024-45133","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133"},{"reference_url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg","reference_id":"GHSA-j3mh-wx5f-2vhg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45133","GHSA-j3mh-wx5f-2vhg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s45p-jru3-w3df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40636?format=json","vulnerability_id":"VCID-twda-bvut-9bhp","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30641","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3084","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134","reference_id":"CVE-2024-45134","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134"},{"reference_url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g","reference_id":"GHSA-4f89-5cwm-rm5g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45134","GHSA-4f89-5cwm-rm5g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-twda-bvut-9bhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40166?format=json","vulnerability_id":"VCID-vgz6-nvj3-xqft","summary":"Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality and integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32565","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32384","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"apsb24-73.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131","reference_id":"CVE-2024-45131","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131"},{"reference_url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm","reference_id":"GHSA-xc5p-773w-m3pm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33792?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/33790?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/33789?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/33791?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-53sd-5nuj-e7d9"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gakd-m2af-z7c2"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-xgh4-b9yn-dkh4"},{"vulnerability":"VCID-xjd4-w9bn-mbex"},{"vulnerability":"VCID-xqc4-jf6e-abfg"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/34330?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vq9-br2m-dbby"},{"vulnerability":"VCID-313z-h2v4-c3fr"},{"vulnerability":"VCID-3a8p-9krx-23e8"},{"vulnerability":"VCID-4nqq-nrne-17a2"},{"vulnerability":"VCID-5edy-fp8q-97fp"},{"vulnerability":"VCID-6d1u-exkw-hbfu"},{"vulnerability":"VCID-7bmk-3ab2-9ba6"},{"vulnerability":"VCID-9gb1-p5qf-3kd2"},{"vulnerability":"VCID-9gbf-swtt-7bhz"},{"vulnerability":"VCID-bvfd-gs5b-dyg7"},{"vulnerability":"VCID-ctrj-y3d6-a7dv"},{"vulnerability":"VCID-cyy2-3rr3-jkc8"},{"vulnerability":"VCID-d9zc-rh9p-4bde"},{"vulnerability":"VCID-dytj-h56v-bke9"},{"vulnerability":"VCID-esjc-zzqy-nycf"},{"vulnerability":"VCID-eusf-bc81-9uhv"},{"vulnerability":"VCID-ferd-u8gt-akds"},{"vulnerability":"VCID-fqkf-67fw-cyb8"},{"vulnerability":"VCID-gac9-1nnp-67cc"},{"vulnerability":"VCID-gx3s-7cxk-pyfc"},{"vulnerability":"VCID-gzga-qjaf-kugh"},{"vulnerability":"VCID-h2ju-dedu-fqad"},{"vulnerability":"VCID-jc6r-vmnc-r3g9"},{"vulnerability":"VCID-kjc9-vrhf-hfav"},{"vulnerability":"VCID-ktnj-j4xu-uufs"},{"vulnerability":"VCID-kxjv-xm7r-hkhs"},{"vulnerability":"VCID-ntst-nee5-63d3"},{"vulnerability":"VCID-pcm6-819d-6uhm"},{"vulnerability":"VCID-pfvk-8q6r-e7c5"},{"vulnerability":"VCID-psnm-zaza-tuf9"},{"vulnerability":"VCID-pu8a-r3v2-g7h9"},{"vulnerability":"VCID-q68u-w433-tqb9"},{"vulnerability":"VCID-qh9p-8b9r-mufh"},{"vulnerability":"VCID-rm7u-jwat-v7f1"},{"vulnerability":"VCID-t4gd-uv9g-ukh5"},{"vulnerability":"VCID-twdq-g82m-nqcp"},{"vulnerability":"VCID-u9vz-axk1-fqfn"},{"vulnerability":"VCID-wxkj-7zgv-x7bc"},{"vulnerability":"VCID-z97t-ffda-vfes"},{"vulnerability":"VCID-za87-d5x9-wuby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45131","GHSA-xc5p-773w-m3pm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vgz6-nvj3-xqft"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"}