| 0 |
| url |
VCID-1b6m-qfes-mqab |
| vulnerability_id |
VCID-1b6m-qfes-mqab |
| summary |
Magento Insufficient Session Expiration
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation could lead to unauthorized access to restricted resources. Access to the admin console is not required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21031, GHSA-4h3p-63x6-vwg2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1b6m-qfes-mqab |
|
| 1 |
| url |
VCID-1jsp-392b-2fgb |
| vulnerability_id |
VCID-1jsp-392b-2fgb |
| summary |
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability by manipulating the timing between the check of a resource's state and its use, allowing unauthorized write access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49558, GHSA-wcmw-8xpp-rwfj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1jsp-392b-2fgb |
|
| 2 |
| url |
VCID-1k4q-2ttb-13hd |
| vulnerability_id |
VCID-1k4q-2ttb-13hd |
| summary |
Information Exposure
Magento is vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure of document root path by an unauthenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.2-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 48 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 49 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 50 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 51 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 52 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 53 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 54 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 55 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 56 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 57 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 58 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 59 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 60 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 61 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 62 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 63 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 64 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 65 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 66 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 67 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 68 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 69 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 70 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 71 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 72 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 73 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 74 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 75 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 76 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 77 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 78 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 79 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 80 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 81 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 82 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 85 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 86 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 87 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 88 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 89 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 90 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 91 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 92 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 93 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 94 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 95 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 96 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 97 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 98 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 99 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 100 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 101 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 102 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 103 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 104 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 105 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 106 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 107 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 108 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 109 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 110 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 111 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 112 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 113 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 114 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 115 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 116 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 117 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 118 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 119 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 120 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 121 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 122 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 123 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.3 |
| purl |
pkg:composer/magento/community-edition@2.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 8 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 9 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 40 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 41 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 42 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 43 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 44 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 45 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 60 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 61 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 62 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 63 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 64 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 65 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 66 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 67 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 68 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 69 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 72 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 73 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 74 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 75 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 76 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 77 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 78 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 79 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 80 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 81 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 82 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 83 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 84 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 85 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 86 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 87 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 88 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 89 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 90 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 91 |
| vulnerability |
VCID-y93w-2qcc-wqg8 |
|
| 92 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 93 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 94 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3 |
|
|
| aliases |
CVE-2021-28566, GHSA-w942-fw92-mqm2
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1k4q-2ttb-13hd |
|
| 3 |
| url |
VCID-2vsw-t8k2-4bfm |
| vulnerability_id |
VCID-2vsw-t8k2-4bfm |
| summary |
Adobe Commerce Improper Authorization vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24409, GHSA-vw47-79jv-3598
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2vsw-t8k2-4bfm |
|
| 4 |
| url |
VCID-3g5s-hryc-5qa9 |
| vulnerability_id |
VCID-3g5s-hryc-5qa9 |
| summary |
Magneto contains stored XSS vulnerability
Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-47110, GHSA-j934-vjh5-vf9r
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3g5s-hryc-5qa9 |
|
| 5 |
| url |
VCID-3zcy-b3th-ukhd |
| vulnerability_id |
VCID-3zcy-b3th-ukhd |
| summary |
Magento Improper Access Control Leads to Privilege escalation
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39419, GHSA-74w7-cr4v-wf2v
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3zcy-b3th-ukhd |
|
| 6 |
| url |
VCID-4dae-vty8-b7hk |
| vulnerability_id |
VCID-4dae-vty8-b7hk |
| summary |
Magento Improper Access Control leads to security feature bypass
Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited write access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
| 4 |
|
|
| aliases |
CVE-2025-27206, GHSA-g2pj-xmxq-3r9q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4dae-vty8-b7hk |
|
| 7 |
| url |
VCID-5gxr-xksz-5ydb |
| vulnerability_id |
VCID-5gxr-xksz-5ydb |
| summary |
Magento Improper Authorization leads to security feature bypass
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39411, GHSA-qm77-mqf3-fmhq
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5gxr-xksz-5ydb |
|
| 8 |
| url |
VCID-6p6q-ctya-q3bv |
| vulnerability_id |
VCID-6p6q-ctya-q3bv |
| summary |
Magento Authenticated Security feature bypass
Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
| 4 |
|
|
| aliases |
CVE-2025-49549, GHSA-85jx-x9r4-45m2
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6p6q-ctya-q3bv |
|
| 9 |
| url |
VCID-6tx4-wexr-fkbb |
| vulnerability_id |
VCID-6tx4-wexr-fkbb |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain elevated privileges. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24437, GHSA-469f-wf4f-3jjv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6tx4-wexr-fkbb |
|
| 10 |
| url |
VCID-6wdt-8fbe-hkbe |
| vulnerability_id |
VCID-6wdt-8fbe-hkbe |
| summary |
Magento Improper Authorization vulnerability in the customers module
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Improper Authorization vulnerability in the customers module. Successful exploitation could allow a low-privileged user to modify customer data. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.2-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 48 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 49 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 50 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 51 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 52 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 53 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 54 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 55 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 56 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 57 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 58 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 59 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 60 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 61 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 62 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 63 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 64 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 65 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 66 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 67 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 68 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 69 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 70 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 71 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 72 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 73 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 74 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 75 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 76 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 77 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 78 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 79 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 80 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 81 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 82 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 85 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 86 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 87 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 88 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 89 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 90 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 91 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 92 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 93 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 94 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 95 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 96 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 97 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 98 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 99 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 100 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 101 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 102 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 103 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 104 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 105 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 106 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 107 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 108 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 109 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 110 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 111 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 112 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 113 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 114 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 115 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 116 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 117 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 118 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 119 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 120 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 121 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 122 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 123 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1 |
|
|
| aliases |
CVE-2021-28567, GHSA-cc3w-r3w8-hfh7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6wdt-8fbe-hkbe |
|
| 11 |
| url |
VCID-7pr7-uqp1-sugt |
| vulnerability_id |
VCID-7pr7-uqp1-sugt |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45130, GHSA-v3v6-jfvw-m576
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7pr7-uqp1-sugt |
|
| 12 |
| url |
VCID-7s3w-8dn6-jqh7 |
| vulnerability_id |
VCID-7s3w-8dn6-jqh7 |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45124, GHSA-w3p2-pc3h-69wv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7s3w-8dn6-jqh7 |
|
| 13 |
| url |
VCID-7s74-rdkp-vyaf |
| vulnerability_id |
VCID-7s74-rdkp-vyaf |
| summary |
Magento Incorrect Authorization vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to perform actions with permissions that were not granted. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24421, GHSA-v6r2-425c-hfrr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7s74-rdkp-vyaf |
|
| 14 |
| url |
VCID-8ape-agd1-s7hf |
| vulnerability_id |
VCID-8ape-agd1-s7hf |
| summary |
Magento Improper Access Control
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation could lead to unauthorized access to restricted resources. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21020, GHSA-2j6v-829g-885q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8ape-agd1-s7hf |
|
| 15 |
| url |
VCID-8hx4-r8bb-n7ge |
| vulnerability_id |
VCID-8hx4-r8bb-n7ge |
| summary |
Magento stored Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24428, GHSA-mm87-rrqx-94cr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8hx4-r8bb-n7ge |
|
| 16 |
| url |
VCID-8ky6-w2nk-9bds |
| vulnerability_id |
VCID-8ky6-w2nk-9bds |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24411, GHSA-36hw-x3cc-m258
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8ky6-w2nk-9bds |
|
| 17 |
| url |
VCID-8shb-t5zp-rqbu |
| vulnerability_id |
VCID-8shb-t5zp-rqbu |
| summary |
Magento Improper Access Control leads to Security feature bypass
Magento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-27190, GHSA-6wq7-cg9h-mj6q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8shb-t5zp-rqbu |
|
| 18 |
| url |
VCID-9vrt-uccb-myev |
| vulnerability_id |
VCID-9vrt-uccb-myev |
| summary |
Magento Improper Authorization Leading to Security feature bypass
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39415, GHSA-gj93-84g5-mcjq
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9vrt-uccb-myev |
|
| 19 |
| url |
VCID-a9b6-tenb-afdw |
| vulnerability_id |
VCID-a9b6-tenb-afdw |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24416, GHSA-rjjw-g6hw-7pc9
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a9b6-tenb-afdw |
|
| 20 |
| url |
VCID-apue-gaqy-n3cq |
| vulnerability_id |
VCID-apue-gaqy-n3cq |
| summary |
Magento 2 Community Edition Incorrect Authorization
Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect authorization vulnerability. A user can still access resources provisioned under their old role after an administrator removes the role or disables the user's account. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1 |
| purl |
pkg:composer/magento/community-edition@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 33 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 34 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 35 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 36 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 37 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 38 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 39 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 40 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 41 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 42 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 43 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 44 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 45 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 60 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 61 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 62 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 63 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 64 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 65 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 66 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 67 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 68 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 69 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 70 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 71 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 72 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 73 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 74 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 75 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 76 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 77 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 78 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 79 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 80 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 81 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 82 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 83 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 84 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 85 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 86 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 87 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 88 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 89 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 90 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 91 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 92 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 93 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 94 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 95 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 96 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 97 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 98 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 99 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 100 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 101 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 102 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1 |
|
|
| aliases |
CVE-2020-24401, GHSA-f2g3-3c6q-4478
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-apue-gaqy-n3cq |
|
| 21 |
| url |
VCID-ayfe-5a7g-u7b7 |
| vulnerability_id |
VCID-ayfe-5a7g-u7b7 |
| summary |
Magento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34102, GHSA-m8cj-3v68-3cxj
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ayfe-5a7g-u7b7 |
|
| 22 |
| url |
VCID-b3cn-pjp3-4yhm |
| vulnerability_id |
VCID-b3cn-pjp3-4yhm |
| summary |
Magento Business Logic Error vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24425, GHSA-6ff8-jrfg-43hh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b3cn-pjp3-4yhm |
|
| 23 |
| url |
VCID-b9ry-u6qy-j7cc |
| vulnerability_id |
VCID-b9ry-u6qy-j7cc |
| summary |
Magento Improper Authorization leads to Security feature bypass
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39417, GHSA-4xmj-f664-hv98
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ry-u6qy-j7cc |
|
| 24 |
| url |
VCID-bch8-kq49-skhm |
| vulnerability_id |
VCID-bch8-kq49-skhm |
| summary |
Magento Open Source reflected Cross-Site Scripting (XSS) vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45123, GHSA-88x2-cq34-5fwc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bch8-kq49-skhm |
|
| 25 |
| url |
VCID-bera-73sm-bbh7 |
| vulnerability_id |
VCID-bera-73sm-bbh7 |
| summary |
Magento Open Source Incorrect Authorization vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to gain unauthorized access or perform actions with the privileges of another user. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34106, GHSA-p6h9-gx5g-wg64
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bera-73sm-bbh7 |
|
| 26 |
| url |
VCID-bkpz-ratd-e7ab |
| vulnerability_id |
VCID-bkpz-ratd-e7ab |
| summary |
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
| reference_url |
https://helpx.adobe.com/security/products/magento/apsb24-61.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:47Z/ |
|
|
| url |
https://helpx.adobe.com/security/products/magento/apsb24-61.html |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39410, GHSA-4323-f82v-f6jr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bkpz-ratd-e7ab |
|
| 27 |
| url |
VCID-bzyh-c5tm-j7dn |
| vulnerability_id |
VCID-bzyh-c5tm-j7dn |
| summary |
Magento Open Source Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
4.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34105, GHSA-5632-wq7m-gfq9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bzyh-c5tm-j7dn |
|
| 28 |
| url |
VCID-c4ms-3und-c7d1 |
| vulnerability_id |
VCID-c4ms-3und-c7d1 |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker with a low privilege account could leverage this vulnerability to perform an account takeover for a victim. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.3-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.3-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 10 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 11 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 12 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 13 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 14 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 15 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 16 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 20 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 21 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 22 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 23 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 24 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 25 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 26 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 27 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 28 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 29 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 30 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 31 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 41 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 42 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 43 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 44 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 45 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 46 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 47 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 48 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 49 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 50 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 51 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 52 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 53 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 54 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 55 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 56 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 57 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 58 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 59 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 60 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 61 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 62 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 63 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 64 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 65 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 66 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 70 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 79 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 80 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 81 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 82 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 83 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 84 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 85 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 86 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 87 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 88 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 89 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 90 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 91 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 92 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34255, GHSA-x95x-f4g9-mm85
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ms-3und-c7d1 |
|
| 29 |
| url |
VCID-c4mx-9727-nfgs |
| vulnerability_id |
VCID-c4mx-9727-nfgs |
| summary |
Magento stored cross-site scripting (XSS) in the customer address upload feature
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting (XSS) in the customer address upload feature. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Exploitation of this issue requires user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21030, GHSA-6988-g89m-27vf
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c4mx-9727-nfgs |
|
| 30 |
| url |
VCID-cae3-fgn1-83hu |
| vulnerability_id |
VCID-cae3-fgn1-83hu |
| summary |
Magento incorrect permissions vulnerability in the Integrations component
Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions vulnerability in the Integrations component. This vulnerability could be abused by authenticated users with permissions to the Resource Access API to delete customer details via the REST API without authorization. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1 |
| purl |
pkg:composer/magento/community-edition@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 33 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 34 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 35 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 36 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 37 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 38 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 39 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 40 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 41 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 42 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 43 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 44 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 45 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 60 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 61 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 62 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 63 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 64 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 65 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 66 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 67 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 68 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 69 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 70 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 71 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 72 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 73 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 74 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 75 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 76 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 77 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 78 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 79 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 80 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 81 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 82 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 83 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 84 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 85 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 86 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 87 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 88 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 89 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 90 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 91 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 92 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 93 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 94 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 95 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 96 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 97 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 98 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 99 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 100 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 101 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 102 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1 |
|
|
| aliases |
CVE-2020-24402, GHSA-hvf5-4jr9-fghh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cae3-fgn1-83hu |
|
| 31 |
| url |
VCID-cafy-5dd8-rudj |
| vulnerability_id |
VCID-cafy-5dd8-rudj |
| summary |
Magento allows incorrect authorization
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54265, GHSA-r355-75hw-r8jf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cafy-5dd8-rudj |
|
| 32 |
| url |
VCID-ccx1-qacj-2qev |
| vulnerability_id |
VCID-ccx1-qacj-2qev |
| summary |
Magento Community Edition Improper Input Validation vulnerability
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact to high. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.5-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 1 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 2 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 3 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 4 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 5 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 6 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 7 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 8 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 9 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 10 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 11 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 12 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 13 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 14 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 15 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 16 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 17 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 18 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 19 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 20 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 23 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 24 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 25 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 26 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 27 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 28 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 29 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 30 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 31 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 32 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 33 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 34 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 35 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 36 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 37 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 38 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 39 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 40 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 41 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 42 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 43 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 44 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 45 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 46 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 47 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 48 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 49 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 50 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 51 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 52 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 53 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 54 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 55 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 56 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 57 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 58 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 59 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 60 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 61 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p2 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.6-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 26 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 27 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 28 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 29 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 30 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 31 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 32 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 33 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 34 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 35 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 36 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 37 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 38 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 39 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 40 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 41 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 42 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 43 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 44 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 45 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 46 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 51 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 52 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 55 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 56 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 57 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 58 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 74 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 75 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 76 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 77 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 78 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 79 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 80 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 81 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 82 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 83 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 84 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 85 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 86 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 87 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p2 |
|
|
| aliases |
CVE-2025-54236, GHSA-wh92-6q6g-px7j
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ccx1-qacj-2qev |
|
| 33 |
| url |
VCID-cm2a-1yc5-v3cy |
| vulnerability_id |
VCID-cm2a-1yc5-v3cy |
| summary |
Magento has incorrect authorization issue that leads to arbitrary file system read
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction, and scope is unchanged. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49556, GHSA-7hrj-3c9x-xv5h
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cm2a-1yc5-v3cy |
|
| 34 |
| url |
VCID-cqjn-3z6n-sff1 |
| vulnerability_id |
VCID-cqjn-3z6n-sff1 |
| summary |
Magento Improper Authorization leads to Security feature bypass
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39416, GHSA-4xgg-rw35-7mv5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cqjn-3z6n-sff1 |
|
| 35 |
| url |
VCID-d6mk-hg8h-7qbc |
| vulnerability_id |
VCID-d6mk-hg8h-7qbc |
| summary |
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24432, GHSA-7jmr-43qj-pw47
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d6mk-hg8h-7qbc |
|
| 36 |
| url |
VCID-dj5a-35gt-u7dn |
| vulnerability_id |
VCID-dj5a-35gt-u7dn |
| summary |
Magento vulnerable to privilege escalation due to incorrect authorization
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to elevated privileges that increase integrity impact to high. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54267, GHSA-qvwr-p3hj-j6jf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dj5a-35gt-u7dn |
|
| 37 |
| url |
VCID-dpm5-tmsy-2bez |
| vulnerability_id |
VCID-dpm5-tmsy-2bez |
| summary |
Magento Improper input validation vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.3-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.3-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 10 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 11 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 12 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 13 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 14 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 15 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 16 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 20 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 21 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 22 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 23 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 24 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 25 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 26 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 27 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 28 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 29 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 30 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 31 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 41 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 42 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 43 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 44 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 45 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 46 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 47 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 48 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 49 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 50 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 51 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 52 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 53 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 54 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 55 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 56 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 57 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 58 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 59 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 60 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 61 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 62 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 63 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 64 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 65 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 66 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 70 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 79 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 80 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 81 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 82 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 83 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 84 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 85 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 86 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 87 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 88 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 89 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 90 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 91 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 92 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.3 |
| purl |
pkg:composer/magento/community-edition@2.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 8 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 9 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 40 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 41 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 42 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 43 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 44 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 45 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 60 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 61 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 62 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 63 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 64 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 65 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 66 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 67 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 68 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 69 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 72 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 73 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 74 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 75 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 76 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 77 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 78 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 79 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 80 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 81 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 82 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 83 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 84 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 85 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 86 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 87 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 88 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 89 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 90 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 91 |
| vulnerability |
VCID-y93w-2qcc-wqg8 |
|
| 92 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 93 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 94 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-42344, GHSA-297f-r9w7-w492
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dpm5-tmsy-2bez |
|
| 38 |
| url |
VCID-dqkx-knjf-47hh |
| vulnerability_id |
VCID-dqkx-knjf-47hh |
| summary |
SQL Injection
Magento This vulnerability could be exploited by an authenticated user with permissions to the product listing page to read data from the database. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1 |
| purl |
pkg:composer/magento/community-edition@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 33 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 34 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 35 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 36 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 37 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 38 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 39 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 40 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 41 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 42 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 43 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 44 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 45 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 60 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 61 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 62 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 63 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 64 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 65 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 66 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 67 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 68 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 69 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 70 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 71 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 72 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 73 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 74 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 75 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 76 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 77 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 78 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 79 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 80 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 81 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 82 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 83 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 84 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 85 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 86 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 87 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 88 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 89 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 90 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 91 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 92 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 93 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 94 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 95 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 96 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 97 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 98 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 99 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 100 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 101 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 102 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1 |
|
|
| aliases |
CVE-2020-24400, GHSA-pf6w-3pfw-fxvw
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dqkx-knjf-47hh |
|
| 39 |
| url |
VCID-du16-f2wp-t3cw |
| vulnerability_id |
VCID-du16-f2wp-t3cw |
| summary |
Magento Open Source Improper Authorization vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39412, GHSA-7472-vw39-g2j3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-du16-f2wp-t3cw |
|
| 40 |
| url |
VCID-dur2-pfke-h7hf |
| vulnerability_id |
VCID-dur2-pfke-h7hf |
| summary |
Magento Open Source Improper Access Control vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34107, GHSA-r7cm-g469-wm4g
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dur2-pfke-h7hf |
|
| 41 |
| url |
VCID-e7k8-hmqe-wufh |
| vulnerability_id |
VCID-e7k8-hmqe-wufh |
| summary |
Magento is vulnerable to SQL Injection. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21024, GHSA-rj4f-cp4v-hvcv
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e7k8-hmqe-wufh |
|
| 42 |
| url |
VCID-e7zd-dn28-4bf1 |
| vulnerability_id |
VCID-e7zd-dn28-4bf1 |
| summary |
Magento Open Source Improper Authentication vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the application. Exploitation of this issue does not require user interaction, but attack complexity is high. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34103, GHSA-f7q4-9gwv-6774
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e7zd-dn28-4bf1 |
|
| 43 |
| url |
VCID-eahe-s41f-ckc1 |
| vulnerability_id |
VCID-eahe-s41f-ckc1 |
| summary |
Magento Open Source Cross-Site Scripting (XSS) vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin attacker can trick a user into clicking a specially crafted link or submitting a form, malicious scripts may be executed within the context of the victim's browser and have high impact on confidentiality and integrity. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N |
|
| 1 |
| value |
6.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45116, GHSA-873m-72g6-853g
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eahe-s41f-ckc1 |
|
| 44 |
| url |
VCID-ed87-d3y2-wfck |
| vulnerability_id |
VCID-ed87-d3y2-wfck |
| summary |
Magento improper authorization vulnerability in the integrations module
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2 |
| purl |
pkg:composer/magento/community-edition@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 48 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 49 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 50 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 51 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 52 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 53 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 54 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 55 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 56 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 57 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 58 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 59 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 60 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 61 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 62 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 63 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 64 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 65 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 66 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 67 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 68 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 69 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 70 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 71 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 72 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 73 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 74 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 75 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 76 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 77 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 78 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 79 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 80 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 81 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 82 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 83 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 84 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 85 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 86 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 87 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 88 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 89 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 90 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 91 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 92 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 93 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 94 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 95 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 96 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 97 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 98 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 99 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 100 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 101 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 102 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 103 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 104 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 105 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 106 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 107 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 108 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 109 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 110 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 111 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 112 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 113 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 114 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 115 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 116 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 117 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 118 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 119 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2 |
|
|
| aliases |
CVE-2021-21026, GHSA-crjc-2v9m-8w7r
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ed87-d3y2-wfck |
|
| 45 |
| url |
VCID-egy6-nku7-zyap |
| vulnerability_id |
VCID-egy6-nku7-zyap |
| summary |
Magento Improper Access Control leads to Security feature bypass
Magento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-27191, GHSA-vhcq-4xrm-2cr2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-egy6-nku7-zyap |
|
| 46 |
| url |
VCID-evth-swm9-k3de |
| vulnerability_id |
VCID-evth-swm9-k3de |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45121, GHSA-2qhq-fw98-h6wg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-evth-swm9-k3de |
|
| 47 |
| url |
VCID-eygc-ra9u-gyej |
| vulnerability_id |
VCID-eygc-ra9u-gyej |
| summary |
Magento Cross-Site Request Forgery (CSRF) vulnerability
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege escalation. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated, potentially allowing unauthorized access or modification of sensitive data. Exploitation of this issue requires user interaction in that a victim must visit a malicious website or click on a crafted link. Scope is changed. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49555, GHSA-5777-jj7p-mpqw
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-eygc-ra9u-gyej |
|
| 48 |
| url |
VCID-fgqe-h7ey-33bd |
| vulnerability_id |
VCID-fgqe-h7ey-33bd |
| summary |
Cross-site Scripting
This vulnerability could be abused by an unauthenticated attacker to execute XSS attacks against other Magento users. This vulnerability requires a victim to browse to the uploaded file. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1 |
| purl |
pkg:composer/magento/community-edition@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 33 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 34 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 35 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 36 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 37 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 38 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 39 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 40 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 41 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 42 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 43 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 44 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 45 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 60 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 61 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 62 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 63 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 64 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 65 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 66 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 67 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 68 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 69 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 70 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 71 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 72 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 73 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 74 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 75 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 76 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 77 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 78 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 79 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 80 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 81 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 82 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 83 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 84 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 85 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 86 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 87 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 88 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 89 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 90 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 91 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 92 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 93 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 94 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 95 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 96 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 97 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 98 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 99 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 100 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 101 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 102 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1 |
|
|
| aliases |
CVE-2020-24408, GHSA-jxjc-6xmh-h7mg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fgqe-h7ey-33bd |
|
| 49 |
| url |
VCID-fz5y-um7w-63f4 |
| vulnerability_id |
VCID-fz5y-um7w-63f4 |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24410, GHSA-gjxp-46rq-wg4q
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fz5y-um7w-63f4 |
|
| 50 |
| url |
VCID-fzm9-e6bg-r7aw |
| vulnerability_id |
VCID-fzm9-e6bg-r7aw |
| summary |
Magento Cross-site Scripting vulnerability
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. These scripts may be used to escalate privileges within the application or compromise sensitive user data. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.4-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 8 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 9 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 10 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 11 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 12 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 13 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 14 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 15 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 16 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 21 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 22 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 25 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 26 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 27 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 28 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 29 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 30 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 31 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 32 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 33 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 34 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 35 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 36 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 37 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 40 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 41 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 42 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 43 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 44 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 45 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 46 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 47 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 48 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 49 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 50 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 51 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 52 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 53 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 54 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 55 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 56 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2025-49557, GHSA-8mq8-c243-2335
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fzm9-e6bg-r7aw |
|
| 51 |
| url |
VCID-gedj-39p5-ubd6 |
| vulnerability_id |
VCID-gedj-39p5-ubd6 |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24413, GHSA-xwgx-8v72-4j5j
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gedj-39p5-ubd6 |
|
| 52 |
| url |
VCID-gxj9-a1hc-47de |
| vulnerability_id |
VCID-gxj9-a1hc-47de |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45118, GHSA-cg52-68fv-94qq
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gxj9-a1hc-47de |
|
| 53 |
| url |
VCID-gyj5-abau-uyf6 |
| vulnerability_id |
VCID-gyj5-abau-uyf6 |
| summary |
Magento stored cross-site scripting vulnerability in the admin console
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21023, GHSA-h5rm-m772-6qcx
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gyj5-abau-uyf6 |
|
| 54 |
| url |
VCID-h4nn-2mrj-g3ds |
| vulnerability_id |
VCID-h4nn-2mrj-g3ds |
| summary |
Improper Authorization
Magento This vulnerability could be abused by users with permissions to the Pages resource to delete cms pages via the REST API without authorization. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1 |
| purl |
pkg:composer/magento/community-edition@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 33 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 34 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 35 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 36 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 37 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 38 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 39 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 40 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 41 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 42 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 43 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 44 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 45 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 60 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 61 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 62 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 63 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 64 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 65 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 66 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 67 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 68 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 69 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 70 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 71 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 72 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 73 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 74 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 75 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 76 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 77 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 78 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 79 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 80 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 81 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 82 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 83 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 84 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 85 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 86 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 87 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 88 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 89 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 90 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 91 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 92 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 93 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 94 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 95 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 96 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 97 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 98 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 99 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 100 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 101 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 102 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1 |
|
|
| aliases |
CVE-2020-24404, GHSA-rwf7-652f-76mv
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h4nn-2mrj-g3ds |
|
| 55 |
| url |
VCID-h64s-51sc-huga |
| vulnerability_id |
VCID-h64s-51sc-huga |
| summary |
XPath Injection
Magento is vulnerable to XML injection in the Widgets module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21019, GHSA-mw95-gmw4-883p
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h64s-51sc-huga |
|
| 56 |
| url |
VCID-hbau-7tvg-cygz |
| vulnerability_id |
VCID-hbau-7tvg-cygz |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24429, GHSA-656q-fx2w-8ccv
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hbau-7tvg-cygz |
|
| 57 |
| url |
VCID-hfbb-ax6r-tbaz |
| vulnerability_id |
VCID-hfbb-ax6r-tbaz |
| summary |
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted request to the server, which could then cause the server to execute arbitrary code. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34111, GHSA-jmqp-r3gg-6jh3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hfbb-ax6r-tbaz |
|
| 58 |
| url |
VCID-hq7k-qz7g-4bc2 |
| vulnerability_id |
VCID-hq7k-qz7g-4bc2 |
| summary |
Magento Path Traversal vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.3-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.3-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 10 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 11 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 12 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 13 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 14 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 15 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 16 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 20 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 21 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 22 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 23 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 24 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 25 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 26 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 27 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 28 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 29 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 30 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 31 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 41 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 42 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 43 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 44 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 45 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 46 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 47 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 48 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 49 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 50 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 51 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 52 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 53 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 54 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 55 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 56 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 57 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 58 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 59 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 60 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 61 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 62 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 63 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 64 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 65 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 66 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 70 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 79 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 80 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 81 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 82 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 83 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 84 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 85 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 86 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 87 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 88 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 89 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 90 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 91 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 92 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34254, GHSA-fx9g-g9q6-x3jx
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hq7k-qz7g-4bc2 |
|
| 59 |
| url |
VCID-hufp-fajk-n7gu |
| vulnerability_id |
VCID-hufp-fajk-n7gu |
| summary |
OS Command Injection
Magento is vulnerable to OS command injection via the scheduled operation module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21018, GHSA-rv48-v862-mp92
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hufp-fajk-n7gu |
|
| 60 |
| url |
VCID-j6ss-8f4e-e7g2 |
| vulnerability_id |
VCID-j6ss-8f4e-e7g2 |
| summary |
Magento does not properly protect credentials
Magento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass. A high privileged attacker could exploit this vulnerability to gain unauthorized access to protected resources by obtaining sensitive credential information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-27192, GHSA-2r94-wm5v-4prx
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j6ss-8f4e-e7g2 |
|
| 61 |
| url |
VCID-j77a-cqsd-wuf1 |
| vulnerability_id |
VCID-j77a-cqsd-wuf1 |
| summary |
Magento Insufficient Session Expiration
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation of this issue could lead to unauthorized access to restricted resources. Access to the admin console is not required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21032, GHSA-4jfq-f8hc-775q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j77a-cqsd-wuf1 |
|
| 62 |
| url |
VCID-jmhs-9u49-ekbj |
| vulnerability_id |
VCID-jmhs-9u49-ekbj |
| summary |
Magento Insecure Direct Object Reference (IDOR) in the product module
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Successful exploitation could lead to unauthorized access to restricted resources. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21022, GHSA-8pfq-g48p-x7w8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jmhs-9u49-ekbj |
|
| 63 |
| url |
VCID-jr49-4fs3-8qcp |
| vulnerability_id |
VCID-jr49-4fs3-8qcp |
| summary |
Improper Authorization vulnerability in Magento and Adobe Commerce
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24434, GHSA-fppq-f2m6-xv5c
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jr49-4fs3-8qcp |
|
| 64 |
| url |
VCID-kezx-5nw5-hfen |
| vulnerability_id |
VCID-kezx-5nw5-hfen |
| summary |
Magento Improper Access Control Leads to Privilege escalation
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39414, GHSA-x6f9-hv9r-fgq4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kezx-5nw5-hfen |
|
| 65 |
| url |
VCID-kje4-asu6-dfg2 |
| vulnerability_id |
VCID-kje4-asu6-dfg2 |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45129, GHSA-m58h-998x-66f3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kje4-asu6-dfg2 |
|
| 66 |
| url |
VCID-kq4m-anrt-rugn |
| vulnerability_id |
VCID-kq4m-anrt-rugn |
| summary |
Magento Open Source Improper Authorization vulnerability
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 1 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 2 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 3 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 4 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 5 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 6 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 7 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 8 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 9 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 10 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 11 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 12 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 13 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 16 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 17 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 18 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 19 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 20 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 21 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 22 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 23 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 24 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 25 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 26 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p6 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 2 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 3 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 4 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 5 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 12 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 13 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 14 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 15 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 16 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 17 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 18 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 19 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 20 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 21 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 22 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 23 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 24 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 25 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 26 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 27 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 28 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 29 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 30 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 31 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 32 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 33 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 34 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 35 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 36 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 37 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 38 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 39 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 40 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 41 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 42 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 43 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 44 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 45 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 46 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 47 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 48 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 49 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 50 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 51 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 52 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 53 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 54 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 55 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 56 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 57 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 58 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 59 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 60 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 61 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 62 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 63 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 64 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 65 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
|
| aliases |
CVE-2024-34104, GHSA-wwj3-573j-rvvm
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kq4m-anrt-rugn |
|
| 67 |
| url |
VCID-kuzc-uv5b-v7an |
| vulnerability_id |
VCID-kuzc-uv5b-v7an |
| summary |
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39409, GHSA-rf4q-m23c-7q8r
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kuzc-uv5b-v7an |
|
| 68 |
| url |
VCID-kyvw-d4e8-1fd4 |
| vulnerability_id |
VCID-kyvw-d4e8-1fd4 |
| summary |
Magento XML Injection vulnerability in the Widgets Module
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.3-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.3-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 10 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 11 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 12 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 13 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 14 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 15 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 16 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 20 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 21 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 22 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 23 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 24 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 25 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 26 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 27 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 28 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 29 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 30 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 31 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 41 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 42 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 43 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 44 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 45 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 46 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 47 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 48 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 49 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 50 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 51 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 52 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 53 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 54 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 55 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 56 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 57 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 58 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 59 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 60 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 61 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 62 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 63 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 64 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 65 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 66 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 70 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 79 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 80 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 81 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 82 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 83 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 84 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 85 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 86 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 87 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 88 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 89 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 90 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 91 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 92 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34253, GHSA-cj7w-pm77-hvg6
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kyvw-d4e8-1fd4 |
|
| 69 |
| url |
VCID-md7v-w5aq-t7h1 |
| vulnerability_id |
VCID-md7v-w5aq-t7h1 |
| summary |
Magento Security feature bypass
Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access. Exploitation of this issue requires user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
| 4 |
|
|
| aliases |
CVE-2025-49550, GHSA-8hcx-xvww-6c6h
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-md7v-w5aq-t7h1 |
|
| 70 |
| url |
VCID-mhvf-2keh-2qar |
| vulnerability_id |
VCID-mhvf-2keh-2qar |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24417, GHSA-g3j6-9753-8mp2
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mhvf-2keh-2qar |
|
| 71 |
| url |
VCID-mjb6-7au8-5fdx |
| vulnerability_id |
VCID-mjb6-7au8-5fdx |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24414, GHSA-fhw6-3mj5-w9gv
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mjb6-7au8-5fdx |
|
| 72 |
| url |
VCID-mtes-xpe5-qkdj |
| vulnerability_id |
VCID-mtes-xpe5-qkdj |
| summary |
Magento 2 Community Edition RCE via Unsafe File Upload
Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1 |
| purl |
pkg:composer/magento/community-edition@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 33 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 34 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 35 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 36 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 37 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 38 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 39 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 40 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 41 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 42 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 43 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 44 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 45 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 60 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 61 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 62 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 63 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 64 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 65 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 66 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 67 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 68 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 69 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 70 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 71 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 72 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 73 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 74 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 75 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 76 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 77 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 78 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 79 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 80 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 81 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 82 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 83 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 84 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 85 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 86 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 87 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 88 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 89 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 90 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 91 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 92 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 93 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 94 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 95 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 96 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 97 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 98 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 99 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 100 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 101 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 102 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1 |
|
|
| aliases |
CVE-2020-24407, GHSA-7pxg-6p87-8c9v
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mtes-xpe5-qkdj |
|
| 73 |
| url |
VCID-mzsj-dck5-pqc5 |
| vulnerability_id |
VCID-mzsj-dck5-pqc5 |
| summary |
Magento stored Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker with admin privileges to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.3-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.3-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 10 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 11 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 12 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 13 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 14 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 15 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 16 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 20 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 21 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 22 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 23 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 24 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 25 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 26 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 27 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 28 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 29 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 30 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 31 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 41 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 42 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 43 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 44 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 45 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 46 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 47 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 48 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 49 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 50 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 51 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 52 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 53 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 54 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 55 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 56 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 57 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 58 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 59 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 60 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 61 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 62 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 63 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 64 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 65 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 66 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 70 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 79 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 80 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 81 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 82 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 83 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 84 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 85 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 86 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 87 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 88 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 89 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 90 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 91 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 92 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34258, GHSA-5m55-g8pv-x8ww
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mzsj-dck5-pqc5 |
|
| 74 |
| url |
VCID-nm39-k1su-yyep |
| vulnerability_id |
VCID-nm39-k1su-yyep |
| summary |
Magento vulnerable to a file upload restriction bypass
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2 |
| purl |
pkg:composer/magento/community-edition@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 48 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 49 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 50 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 51 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 52 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 53 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 54 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 55 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 56 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 57 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 58 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 59 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 60 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 61 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 62 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 63 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 64 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 65 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 66 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 67 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 68 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 69 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 70 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 71 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 72 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 73 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 74 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 75 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 76 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 77 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 78 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 79 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 80 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 81 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 82 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 83 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 84 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 85 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 86 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 87 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 88 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 89 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 90 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 91 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 92 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 93 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 94 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 95 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 96 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 97 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 98 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 99 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 100 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 101 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 102 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 103 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 104 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 105 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 106 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 107 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 108 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 109 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 110 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 111 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 112 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 113 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 114 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 115 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 116 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 117 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 118 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 119 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2 |
|
|
| aliases |
CVE-2021-21014, GHSA-269w-pqc7-68q9
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nm39-k1su-yyep |
|
| 75 |
| url |
VCID-ns8t-vtcn-aqh4 |
| vulnerability_id |
VCID-ns8t-vtcn-aqh4 |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45149, GHSA-w7rg-7wq2-pjrw
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ns8t-vtcn-aqh4 |
|
| 76 |
| url |
VCID-px1s-dzpe-qbfx |
| vulnerability_id |
VCID-px1s-dzpe-qbfx |
| summary |
Path Traversal
When in maintenance mode, Magento This information could be helpful to attackers if they are able to identify other exploitable vulnerabilities in the environment. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1 |
| purl |
pkg:composer/magento/community-edition@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 33 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 34 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 35 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 36 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 37 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 38 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 39 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 40 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 41 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 42 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 43 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 44 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 45 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 60 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 61 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 62 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 63 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 64 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 65 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 66 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 67 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 68 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 69 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 70 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 71 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 72 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 73 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 74 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 75 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 76 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 77 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 78 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 79 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 80 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 81 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 82 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 83 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 84 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 85 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 86 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 87 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 88 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 89 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 90 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 91 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 92 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 93 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 94 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 95 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 96 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 97 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 98 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 99 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 100 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 101 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 102 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1 |
|
|
| aliases |
CVE-2020-24406, GHSA-mr8q-7f5j-wc79
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-px1s-dzpe-qbfx |
|
| 77 |
| url |
VCID-pxxm-ce8x-abdq |
| vulnerability_id |
VCID-pxxm-ce8x-abdq |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.3-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.3-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 10 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 11 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 12 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 13 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 14 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 15 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 16 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 20 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 21 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 22 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 23 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 24 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 25 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 26 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 27 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 28 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 29 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 30 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 31 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 41 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 42 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 43 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 44 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 45 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 46 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 47 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 48 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 49 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 50 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 51 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 52 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 53 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 54 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 55 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 56 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 57 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 58 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 59 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 60 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 61 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 62 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 63 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 64 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 65 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 66 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 70 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 79 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 80 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 81 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 82 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 83 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 84 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 85 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 86 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 87 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 88 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 89 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 90 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 91 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 92 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34259, GHSA-9wjf-94h3-r4rh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pxxm-ce8x-abdq |
|
| 78 |
| url |
VCID-q4yr-fqww-tbb1 |
| vulnerability_id |
VCID-q4yr-fqww-tbb1 |
| summary |
Magento incorrect user permissions vulnerability within the Inventory component
Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the REST API. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1 |
| purl |
pkg:composer/magento/community-edition@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 33 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 34 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 35 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 36 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 37 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 38 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 39 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 40 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 41 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 42 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 43 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 44 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 45 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 60 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 61 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 62 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 63 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 64 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 65 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 66 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 67 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 68 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 69 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 70 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 71 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 72 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 73 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 74 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 75 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 76 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 77 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 78 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 79 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 80 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 81 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 82 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 83 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 84 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 85 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 86 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 87 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 88 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 89 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 90 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 91 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 92 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 93 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 94 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 95 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 96 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 97 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 98 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 99 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 100 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 101 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 102 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1 |
|
|
| aliases |
CVE-2020-24403, GHSA-39rw-4m66-82gf
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q4yr-fqww-tbb1 |
|
| 79 |
| url |
VCID-qgpx-hgzu-5qgp |
| vulnerability_id |
VCID-qgpx-hgzu-5qgp |
| summary |
Magento Open Source Improper Access Control vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45122, GHSA-46fm-x82m-5f74
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qgpx-hgzu-5qgp |
|
| 80 |
| url |
VCID-qp7s-amch-v3cd |
| vulnerability_id |
VCID-qp7s-amch-v3cd |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to modify limited fields. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24435, GHSA-82p4-55gj-956p
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qp7s-amch-v3cd |
|
| 81 |
| url |
VCID-qq42-4zzt-3kh2 |
| vulnerability_id |
VCID-qq42-4zzt-3kh2 |
| summary |
Magento XPath Injection
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
|
| aliases |
CVE-2021-21025, GHSA-h437-qjj9-vmq4
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qq42-4zzt-3kh2 |
|
| 82 |
| url |
VCID-qrwc-3gsb-zkfy |
| vulnerability_id |
VCID-qrwc-3gsb-zkfy |
| summary |
Magento provides incorrect authorization through a security feature bypass
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54263, GHSA-69x9-xp2j-w8g8
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qrwc-3gsb-zkfy |
|
| 83 |
| url |
VCID-qx68-8xvf-a7hy |
| vulnerability_id |
VCID-qx68-8xvf-a7hy |
| summary |
Improper Authorization
Magento This vulnerability could be abused by authenticated users to modify inventory stock data without authorization. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1 |
| purl |
pkg:composer/magento/community-edition@2.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 33 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 34 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 35 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 36 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 37 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 38 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 39 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 40 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 41 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 42 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 43 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 44 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 45 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 60 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 61 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 62 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 63 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 64 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 65 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 66 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 67 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 68 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 69 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 70 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 71 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 72 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 73 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 74 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 75 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 76 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 77 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 78 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 79 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 80 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 81 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 82 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 83 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 84 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 85 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 86 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 87 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 88 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 89 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 90 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 91 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 92 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 93 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 94 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 95 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 96 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 97 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 98 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 99 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 100 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 101 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 102 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1 |
|
|
| aliases |
CVE-2020-24405, GHSA-p7m7-j8jv-393q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qx68-8xvf-a7hy |
|
| 84 |
| url |
VCID-qzqd-271b-ybfj |
| vulnerability_id |
VCID-qzqd-271b-ybfj |
| summary |
Magento Information Exposure vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24408, GHSA-3cfg-w257-cgf8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qzqd-271b-ybfj |
|
| 85 |
| url |
VCID-r4bw-w4t9-23ek |
| vulnerability_id |
VCID-r4bw-w4t9-23ek |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24427, GHSA-v3hq-g424-5mgg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r4bw-w4t9-23ek |
|
| 86 |
| url |
VCID-rduw-apr6-4fdu |
| vulnerability_id |
VCID-rduw-apr6-4fdu |
| summary |
Magento Open Source Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
2.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45135, GHSA-8pxg-gcp4-57ww
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rduw-apr6-4fdu |
|
| 87 |
| url |
VCID-re84-qg3k-3ub3 |
| vulnerability_id |
VCID-re84-qg3k-3ub3 |
| summary |
Adobe Commerce Path Traversal
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24406, GHSA-954p-ff72-327w
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-re84-qg3k-3ub3 |
|
| 88 |
| url |
VCID-rxac-w9pd-aqe1 |
| vulnerability_id |
VCID-rxac-w9pd-aqe1 |
| summary |
Magento Open Source Improper Authorization vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality and integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45131, GHSA-xc5p-773w-m3pm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rxac-w9pd-aqe1 |
|
| 89 |
| url |
VCID-s4bp-kzfu-8qfy |
| vulnerability_id |
VCID-s4bp-kzfu-8qfy |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24412, GHSA-m4rg-mpp2-97px
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s4bp-kzfu-8qfy |
|
| 90 |
| url |
VCID-scg7-ugdn-53b9 |
| vulnerability_id |
VCID-scg7-ugdn-53b9 |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24424, GHSA-539v-w87w-w62c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-scg7-ugdn-53b9 |
|
| 91 |
| url |
VCID-sd6n-a9mk-aufb |
| vulnerability_id |
VCID-sd6n-a9mk-aufb |
| summary |
Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Successful exploitation could lead to arbitrary JavaScript execution by an unauthenticated attacker. User interaction is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.2-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 48 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 49 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 50 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 51 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 52 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 53 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 54 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 55 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 56 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 57 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 58 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 59 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 60 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 61 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 62 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 63 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 64 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 65 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 66 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 67 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 68 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 69 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 70 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 71 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 72 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 73 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 74 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 75 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 76 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 77 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 78 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 79 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 80 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 81 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 82 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 85 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 86 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 87 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 88 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 89 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 90 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 91 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 92 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 93 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 94 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 95 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 96 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 97 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 98 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 99 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 100 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 101 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 102 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 103 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 104 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 105 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 106 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 107 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 108 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 109 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 110 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 111 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 112 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 113 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 114 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 115 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 116 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 117 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 118 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 119 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 120 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 121 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 122 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 123 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1 |
|
|
| aliases |
CVE-2021-28556, GHSA-39ch-rg26-gmq5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sd6n-a9mk-aufb |
|
| 92 |
| url |
VCID-shfz-pxan-v3ar |
| vulnerability_id |
VCID-shfz-pxan-v3ar |
| summary |
Magento Open Source Cross-Site Request Forgery vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39408, GHSA-4cj6-f32v-6hgx
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-shfz-pxan-v3ar |
|
| 93 |
| url |
VCID-spjd-9z79-jueh |
| vulnerability_id |
VCID-spjd-9z79-jueh |
| summary |
OS Command Injection
Magento is vulnerable to an OS command injection via the customer attribute save controller. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.2 |
| purl |
pkg:composer/magento/community-edition@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 48 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 49 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 50 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 51 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 52 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 53 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 54 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 55 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 56 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 57 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 58 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 59 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 60 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 61 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 62 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 63 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 64 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 65 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 66 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 67 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 68 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 69 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 70 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 71 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 72 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 73 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 74 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 75 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 76 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 77 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 78 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 79 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 80 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 81 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 82 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 83 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 84 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 85 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 86 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 87 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 88 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 89 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 90 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 91 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 92 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 93 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 94 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 95 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 96 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 97 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 98 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 99 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 100 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 101 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 102 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 103 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 104 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 105 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 106 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 107 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 108 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 109 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 110 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 111 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 112 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 113 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 114 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 115 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 116 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 117 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 118 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 119 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2 |
|
|
| aliases |
CVE-2021-21015, GHSA-w2p4-2c8c-2g7h
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-spjd-9z79-jueh |
|
| 94 |
| url |
VCID-tc3m-4bkg-qkcf |
| vulnerability_id |
VCID-tc3m-4bkg-qkcf |
| summary |
Magento Improper Authorization leading to security feature bypass
Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access leading to a limited impact to confidentiality and a high impact to integrity. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
| 4 |
|
|
| aliases |
CVE-2025-43585, GHSA-r487-9vv5-75gg
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tc3m-4bkg-qkcf |
|
| 95 |
| url |
VCID-te3b-exz5-zke1 |
| vulnerability_id |
VCID-te3b-exz5-zke1 |
| summary |
Magento Stored Cross-Site Scripting (XSS) Vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24415, GHSA-gc27-rvvm-q77r
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-te3b-exz5-zke1 |
|
| 96 |
| url |
VCID-th7y-aj51-mbaj |
| vulnerability_id |
VCID-th7y-aj51-mbaj |
| summary |
Magento vulnerable to stored Cross-Site Scripting (XSS)
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54264, GHSA-2768-5wmv-cfff
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-th7y-aj51-mbaj |
|
| 97 |
| url |
VCID-tvz9-8s4d-gbg6 |
| vulnerability_id |
VCID-tvz9-8s4d-gbg6 |
| summary |
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24430, GHSA-6w27-c66f-gvhq
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tvz9-8s4d-gbg6 |
|
| 98 |
| url |
VCID-txb3-ez5r-r7ek |
| vulnerability_id |
VCID-txb3-ez5r-r7ek |
| summary |
Magento Open Source Improper Input Validation vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.6 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L |
|
| 1 |
| value |
6.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45117, GHSA-3fr3-gcqh-3m2g
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-txb3-ez5r-r7ek |
|
| 99 |
| url |
VCID-tzug-ckkn-dyft |
| vulnerability_id |
VCID-tzug-ckkn-dyft |
| summary |
Magento vulnerable to denial of service
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing the application to crash or become unresponsive. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49554, GHSA-xgfm-992v-h2hr
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tzug-ckkn-dyft |
|
| 100 |
| url |
VCID-u2hc-27c2-1udc |
| vulnerability_id |
VCID-u2hc-27c2-1udc |
| summary |
Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful exploitation could allow an attacker to get unauthorized access to restricted resources. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.2-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 48 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 49 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 50 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 51 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 52 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 53 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 54 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 55 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 56 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 57 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 58 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 59 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 60 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 61 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 62 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 63 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 64 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 65 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 66 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 67 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 68 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 69 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 70 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 71 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 72 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 73 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 74 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 75 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 76 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 77 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 78 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 79 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 80 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 81 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 82 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 85 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 86 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 87 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 88 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 89 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 90 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 91 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 92 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 93 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 94 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 95 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 96 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 97 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 98 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 99 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 100 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 101 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 102 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 103 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 104 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 105 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 106 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 107 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 108 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 109 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 110 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 111 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 112 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 113 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 114 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 115 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 116 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 117 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 118 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 119 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 120 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 121 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 122 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 123 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1 |
|
|
| aliases |
CVE-2021-28583, GHSA-7gh6-f4jh-3crq
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u2hc-27c2-1udc |
|
| 101 |
| url |
VCID-ugyc-gehq-rudu |
| vulnerability_id |
VCID-ugyc-gehq-rudu |
| summary |
Magento Open Source Incorrect Authorization vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45125, GHSA-xg36-8c2v-jpxh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ugyc-gehq-rudu |
|
| 102 |
| url |
VCID-vcdk-gdky-7fdg |
| vulnerability_id |
VCID-vcdk-gdky-7fdg |
| summary |
Magento stored Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.3-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.3-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 10 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 11 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 12 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 13 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 14 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 15 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 16 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 20 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 21 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 22 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 23 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 24 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 25 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 26 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 27 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 28 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 29 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 30 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 31 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 41 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 42 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 43 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 44 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 45 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 46 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 47 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 48 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 49 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 50 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 51 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 52 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 53 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 54 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 55 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 56 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 57 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 58 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 59 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 60 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 61 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 62 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 63 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 64 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 65 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 66 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 70 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 79 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 80 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 81 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 82 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 83 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 84 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 85 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 86 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 87 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 88 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 89 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 90 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 91 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 92 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34257, GHSA-rg7p-wmgj-f374
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vcdk-gdky-7fdg |
|
| 103 |
| url |
VCID-ve4u-d5rz-wyab |
| vulnerability_id |
VCID-ve4u-d5rz-wyab |
| summary |
Magento OS command injection via the WebAPI
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to OS command injection via the WebAPI. Successful exploitation could lead to remote code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2 |
| purl |
pkg:composer/magento/community-edition@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 48 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 49 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 50 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 51 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 52 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 53 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 54 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 55 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 56 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 57 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 58 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 59 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 60 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 61 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 62 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 63 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 64 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 65 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 66 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 67 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 68 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 69 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 70 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 71 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 72 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 73 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 74 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 75 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 76 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 77 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 78 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 79 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 80 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 81 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 82 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 83 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 84 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 85 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 86 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 87 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 88 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 89 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 90 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 91 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 92 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 93 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 94 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 95 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 96 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 97 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 98 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 99 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 100 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 101 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 102 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 103 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 104 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 105 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 106 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 107 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 108 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 109 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 110 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 111 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 112 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 113 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 114 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 115 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 116 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 117 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 118 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 119 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2 |
|
|
| aliases |
CVE-2021-21016, GHSA-792f-c8mp-2cr5
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ve4u-d5rz-wyab |
|
| 104 |
| url |
VCID-vp8y-y64r-wkc9 |
| vulnerability_id |
VCID-vp8y-y64r-wkc9 |
| summary |
Magento Improper Authorization vulnerability
Adobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.3-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.3-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 10 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 11 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 12 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 13 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 14 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 15 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 16 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 20 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 21 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 22 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 23 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 24 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 25 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 26 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 27 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 28 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 29 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 30 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 31 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 41 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 42 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 43 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 44 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 45 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 46 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 47 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 48 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 49 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 50 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 51 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 52 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 53 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 54 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 55 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 56 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 57 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 58 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 59 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 60 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 61 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 62 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 63 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 64 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 65 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 66 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 70 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 79 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 80 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 81 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 82 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 83 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 84 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 85 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 86 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 87 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 88 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 89 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 90 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 91 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 92 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.4 |
| purl |
pkg:composer/magento/community-edition@2.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 18 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 19 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 20 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 25 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 26 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 27 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 28 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 29 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 30 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 31 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 32 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 33 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 34 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 35 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 36 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 48 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 49 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 50 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 51 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 52 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 53 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 54 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 55 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 56 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 57 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 58 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 59 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 60 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 61 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 62 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 63 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 64 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 65 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 66 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 67 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 68 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 69 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 70 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 71 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 72 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 73 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 74 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 75 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 76 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 77 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 78 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 79 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 80 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 81 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 82 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 83 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 84 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 85 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 86 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 87 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 88 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 89 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 90 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 91 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 92 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 93 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 94 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 95 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 96 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 97 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 98 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 99 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 100 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 101 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 102 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 103 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 104 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 105 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 106 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 107 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 108 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 109 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 110 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 111 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 112 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 113 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 114 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 115 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 116 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 117 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 118 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 119 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 120 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 121 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 122 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 123 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 124 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 125 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 126 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 127 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 128 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 129 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 130 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 131 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 132 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 133 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 134 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 135 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.5 |
| purl |
pkg:composer/magento/community-edition@2.4.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2h52-3pt6-dfcw |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3et4-3zad-1qfn |
|
| 4 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 5 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 6 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 7 |
| vulnerability |
VCID-525q-afzj-tkcp |
|
| 8 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 9 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 10 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 11 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 12 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 13 |
| vulnerability |
VCID-7ewa-w75h-qfdy |
|
| 14 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 15 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 16 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 17 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 18 |
| vulnerability |
VCID-7s7e-adr6-h3dc |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 22 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 23 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 24 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 25 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 26 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 27 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 28 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 29 |
| vulnerability |
VCID-az2w-5xhy-5fe4 |
|
| 30 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 31 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 32 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 33 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 34 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 35 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 36 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 37 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 38 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 39 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 40 |
| vulnerability |
VCID-cgwk-hn4t-n7c1 |
|
| 41 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 42 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 43 |
| vulnerability |
VCID-d2ab-j8bf-e7dx |
|
| 44 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 45 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 46 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 47 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 48 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 49 |
| vulnerability |
VCID-dx43-89w9-a7dg |
|
| 50 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 51 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 52 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 53 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 54 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 55 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 56 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 57 |
| vulnerability |
VCID-fzam-yuyg-qyd5 |
|
| 58 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 59 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 60 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 61 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 62 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 63 |
| vulnerability |
VCID-hh8a-mgkk-3yb5 |
|
| 64 |
| vulnerability |
VCID-j124-q39m-mkby |
|
| 65 |
| vulnerability |
VCID-j5vp-2jrx-ukf4 |
|
| 66 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 67 |
| vulnerability |
VCID-jhd5-tqph-3ufu |
|
| 68 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 69 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 70 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 71 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 72 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 73 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 74 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 75 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 76 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 77 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 78 |
| vulnerability |
VCID-msac-ptqf-pyg1 |
|
| 79 |
| vulnerability |
VCID-mtr5-suag-2bdj |
|
| 80 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 81 |
| vulnerability |
VCID-p222-28c1-vfhy |
|
| 82 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 85 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 86 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 87 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 88 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 89 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 90 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 91 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 92 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 93 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 94 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 95 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 96 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 97 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 98 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 99 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 100 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 101 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 102 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 103 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 104 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 105 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 106 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 107 |
| vulnerability |
VCID-upcj-z3c1-ubcf |
|
| 108 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 109 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 110 |
| vulnerability |
VCID-w3zd-fezc-nuhd |
|
| 111 |
| vulnerability |
VCID-wjfe-wh5k-1qft |
|
| 112 |
| vulnerability |
VCID-ws6y-k3tx-r3gb |
|
| 113 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 114 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 115 |
| vulnerability |
VCID-x46d-a16g-nkg9 |
|
| 116 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 117 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 118 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 119 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 120 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 121 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 122 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 123 |
| vulnerability |
VCID-yuvf-e7hk-kqf9 |
|
| 124 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 125 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 126 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 127 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5 |
|
|
| aliases |
CVE-2022-34256, GHSA-r7mm-grf3-5fjv
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vp8y-y64r-wkc9 |
|
| 105 |
| url |
VCID-vu36-a1g1-nugt |
| vulnerability_id |
VCID-vu36-a1g1-nugt |
| summary |
Magento Open Source Improper Authorization vulnerability
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect confidentiality. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45132, GHSA-5f64-ppmg-cvvm
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vu36-a1g1-nugt |
|
| 106 |
| url |
VCID-vx13-4b1d-wbgp |
| vulnerability_id |
VCID-vx13-4b1d-wbgp |
| summary |
Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
| reference_url |
https://helpx.adobe.com/security/products/magento/apsb24-73.html |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:07Z/ |
|
|
| url |
https://helpx.adobe.com/security/products/magento/apsb24-73.html |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45120, GHSA-47jp-46c9-25vf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vx13-4b1d-wbgp |
|
| 107 |
| url |
VCID-w4uu-k7nk-a7hr |
| vulnerability_id |
VCID-w4uu-k7nk-a7hr |
| summary |
Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via the GraphQL API. Successful exploitation could lead to unauthorized modification of customer metadata by an unauthenticated attacker. Access to the admin console is not required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2 |
| purl |
pkg:composer/magento/community-edition@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 48 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 49 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 50 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 51 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 52 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 53 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 54 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 55 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 56 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 57 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 58 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 59 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 60 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 61 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 62 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 63 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 64 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 65 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 66 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 67 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 68 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 69 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 70 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 71 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 72 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 73 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 74 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 75 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 76 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 77 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 78 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 79 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 80 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 81 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 82 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 83 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 84 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 85 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 86 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 87 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 88 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 89 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 90 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 91 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 92 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 93 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 94 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 95 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 96 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 97 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 98 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 99 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 100 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 101 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 102 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 103 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 104 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 105 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 106 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 107 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 108 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 109 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 110 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 111 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 112 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 113 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 114 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 115 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 116 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 117 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 118 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 119 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2 |
|
|
| aliases |
CVE-2021-21027, GHSA-h4xc-577p-hgj9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-w4uu-k7nk-a7hr |
|
| 108 |
| url |
VCID-wbt5-q9qd-8kby |
| vulnerability_id |
VCID-wbt5-q9qd-8kby |
| summary |
Magento Path Traversal vulnerability
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.2-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 48 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 49 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 50 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 51 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 52 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 53 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 54 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 55 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 56 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 57 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 58 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 59 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 60 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 61 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 62 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 63 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 64 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 65 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 66 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 67 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 68 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 69 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 70 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 71 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 72 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 73 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 74 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 75 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 76 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 77 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 78 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 79 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 80 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 81 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 82 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 85 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 86 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 87 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 88 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 89 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 90 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 91 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 92 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 93 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 94 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 95 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 96 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 97 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 98 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 99 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 100 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 101 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 102 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 103 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 104 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 105 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 106 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 107 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 108 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 109 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 110 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 111 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 112 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 113 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 114 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 115 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 116 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 117 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 118 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 119 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 120 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 121 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 122 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 123 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1 |
|
|
| aliases |
CVE-2021-28584, GHSA-7gpv-xrjr-f5h4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wbt5-q9qd-8kby |
|
| 109 |
| url |
VCID-wvyx-2bbb-9yf7 |
| vulnerability_id |
VCID-wvyx-2bbb-9yf7 |
| summary |
Magento Open Source Information Exposure vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
2.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45133, GHSA-j3mh-wx5f-2vhg
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wvyx-2bbb-9yf7 |
|
| 110 |
| url |
VCID-wzu6-rbsv-mkde |
| vulnerability_id |
VCID-wzu6-rbsv-mkde |
| summary |
Magento vulnerable to path traversal
Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-49559, GHSA-h4f4-gv6h-x824
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wzu6-rbsv-mkde |
|
| 111 |
| url |
VCID-xbhh-m11c-gkeu |
| vulnerability_id |
VCID-xbhh-m11c-gkeu |
| summary |
Magento Improper input validation vulnerability
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by an Improper input validation vulnerability in the New customer WebAPI.Successful exploitation could allow an attacker to send unsolicited spam e-mails. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.2-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 48 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 49 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 50 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 51 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 52 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 53 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 54 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 55 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 56 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 57 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 58 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 59 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 60 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 61 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 62 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 63 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 64 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 65 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 66 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 67 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 68 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 69 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 70 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 71 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 72 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 73 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 74 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 75 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 76 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 77 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 78 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 79 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 80 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 81 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 82 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 85 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 86 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 87 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 88 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 89 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 90 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 91 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 92 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 93 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 94 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 95 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 96 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 97 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 98 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 99 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 100 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 101 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 102 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 103 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 104 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 105 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 106 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 107 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 108 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 109 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 110 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 111 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 112 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 113 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 114 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 115 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 116 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 117 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 118 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 119 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 120 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 121 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 122 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 123 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1 |
|
|
| aliases |
CVE-2021-28585, GHSA-c38m-9668-6j2w
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xbhh-m11c-gkeu |
|
| 112 |
| url |
VCID-xfvu-2zg4-ruf6 |
| vulnerability_id |
VCID-xfvu-2zg4-ruf6 |
| summary |
Magento Improper Authorization vulnerability
Magento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2025-27188, GHSA-rr2g-rrjj-xw86
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xfvu-2zg4-ruf6 |
|
| 113 |
| url |
VCID-xk5y-7a1w-zba9 |
| vulnerability_id |
VCID-xk5y-7a1w-zba9 |
| summary |
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45119, GHSA-g9fm-wc6h-pvgj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5y-7a1w-zba9 |
|
| 114 |
| url |
VCID-xsq8-ztqh-ubb8 |
| vulnerability_id |
VCID-xsq8-ztqh-ubb8 |
| summary |
Magento stored Cross-Site Scripting (XSS) vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24438, GHSA-8884-7rm9-mrx4
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xsq8-ztqh-ubb8 |
|
| 115 |
| url |
VCID-y1v3-9tyq-uqhd |
| vulnerability_id |
VCID-y1v3-9tyq-uqhd |
| summary |
Magento Open Source Information Exposure vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
2.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45134, GHSA-4f89-5cwm-rm5g
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y1v3-9tyq-uqhd |
|
| 116 |
| url |
VCID-y4u6-cy8y-hyae |
| vulnerability_id |
VCID-y4u6-cy8y-hyae |
| summary |
Magento Open Source Path Traversal vulnerability
Magento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10 |
|
| 1 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p7 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 3 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 8 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 9 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 10 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 11 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 12 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 13 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 14 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 15 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 16 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 17 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 18 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 19 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 20 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 21 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 22 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 23 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 24 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 25 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 26 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 27 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 28 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 33 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 34 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 35 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 36 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 37 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 38 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 39 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 40 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 41 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 42 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 43 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.7-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 7 |
| vulnerability |
VCID-6t9w-cnkz-s3c3 |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7hrm-jtbx-sqgm |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8msu-s38a-p7e3 |
|
| 16 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 17 |
| vulnerability |
VCID-9cc9-npdc-8bac |
|
| 18 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 19 |
| vulnerability |
VCID-a8gs-ervm-e3hm |
|
| 20 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 21 |
| vulnerability |
VCID-agtm-nkhp-dkdn |
|
| 22 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 23 |
| vulnerability |
VCID-b4jg-dj1a-9qd5 |
|
| 24 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 25 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-cc8x-6es1-8kc5 |
|
| 28 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 29 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 30 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 31 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 32 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 33 |
| vulnerability |
VCID-dpgz-dacm-sqg6 |
|
| 34 |
| vulnerability |
VCID-e9zx-zy9y-2fcp |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 40 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 41 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 42 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 43 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 44 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 45 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 46 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 47 |
| vulnerability |
VCID-kxnm-y19k-mqg2 |
|
| 48 |
| vulnerability |
VCID-m5z8-hz81-j7b7 |
|
| 49 |
| vulnerability |
VCID-m83v-51cy-uqar |
|
| 50 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 51 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 52 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 53 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 54 |
| vulnerability |
VCID-qfw5-3tdu-x7g4 |
|
| 55 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 56 |
| vulnerability |
VCID-qj4x-u7gx-9uf1 |
|
| 57 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 58 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 59 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 60 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 61 |
| vulnerability |
VCID-r7nh-arcj-8fb3 |
|
| 62 |
| vulnerability |
VCID-rbjk-3gcs-2qb5 |
|
| 63 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 64 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 65 |
| vulnerability |
VCID-rf6p-ct86-5bgz |
|
| 66 |
| vulnerability |
VCID-ruru-fwmn-5kes |
|
| 67 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 68 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 69 |
| vulnerability |
VCID-s5e2-d6n8-kkbr |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 72 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 73 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 74 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 75 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 76 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 77 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 78 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 79 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 80 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 81 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 82 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 83 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 84 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 85 |
| vulnerability |
VCID-y4r1-yr69-uuf6 |
|
| 86 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 87 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 88 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 89 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 90 |
| vulnerability |
VCID-zt9b-9sjx-7qb4 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.7-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 7 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 8 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 9 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 10 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 11 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 12 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 13 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 14 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 15 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 16 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 17 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 18 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 19 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 20 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 21 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 22 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 23 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 24 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 25 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 26 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 27 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 28 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 29 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 30 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 31 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 32 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 33 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 34 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 35 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 36 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 37 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 38 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 39 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 40 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 41 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 42 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 43 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 44 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 45 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 46 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 47 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 48 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 49 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 50 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 51 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 52 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 53 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 54 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 55 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 56 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 57 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 58 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 59 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 60 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 61 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 62 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 63 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 64 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2 |
|
|
| aliases |
CVE-2024-39406, GHSA-6pxh-2557-5cj5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y4u6-cy8y-hyae |
|
| 117 |
| url |
VCID-y7x4-664r-3fbk |
| vulnerability_id |
VCID-y7x4-664r-3fbk |
| summary |
Magento Improper Access Control vulnerability
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p12 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11 |
|
| 2 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p4 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 2 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 3 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 4 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 5 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 6 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 7 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 8 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 9 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 10 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 11 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 12 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 13 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 14 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 15 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 16 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 17 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 18 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 19 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 20 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4 |
|
| 4 |
|
|
| aliases |
CVE-2025-24436, GHSA-ghpr-6qhr-rpp8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y7x4-664r-3fbk |
|
| 118 |
| url |
VCID-yvcy-4e8m-p3b8 |
| vulnerability_id |
VCID-yvcy-4e8m-p3b8 |
| summary |
Improper Authorization
An authorization flaw was found in Magento. Successful exploitation could lead to unauthorized modification of customer data by an unauthenticated attacker. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.2-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.2-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 48 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 49 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 50 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 51 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 52 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 53 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 54 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 55 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 56 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 57 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 58 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 59 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 60 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 61 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 62 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 63 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 64 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 65 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 66 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 67 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 68 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 69 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 70 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 71 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 72 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 73 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 74 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 75 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 76 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 77 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 78 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 79 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 80 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 81 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 82 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 83 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 84 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 85 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 86 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 87 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 88 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 89 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 90 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 91 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 92 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 93 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 94 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 95 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 96 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 97 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 98 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 99 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 100 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 101 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 102 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 103 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 104 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 105 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 106 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 107 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 108 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 109 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 110 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 111 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 112 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 113 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 114 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 115 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 116 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 117 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 118 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 119 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 120 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 121 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 122 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 123 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1 |
|
|
| aliases |
CVE-2021-28563, GHSA-q9xx-4689-gvv5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yvcy-4e8m-p3b8 |
|
| 119 |
| url |
VCID-yyq6-dvyx-3bb9 |
| vulnerability_id |
VCID-yyq6-dvyx-3bb9 |
| summary |
Magento vulnerable to stored Cross-Site Scripting (XSS)
Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. Exploitation of this issue requires user interaction in that a victim must browse to the page containing the vulnerable field. Scope is changed. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-54266, GHSA-pcrx-r49h-x2w5
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yyq6-dvyx-3bb9 |
|
| 120 |
| url |
VCID-z2v2-n138-6ydv |
| vulnerability_id |
VCID-z2v2-n138-6ydv |
| summary |
Magento Open Source stored Cross-Site Scripting (XSS) vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
4.8 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45127, GHSA-c89g-gq5r-2xw2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z2v2-n138-6ydv |
|
| 121 |
| url |
VCID-zdpz-8tc2-6kah |
| vulnerability_id |
VCID-zdpz-8tc2-6kah |
| summary |
Magento Open Source Improper Authorization vulnerability
Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/magento/magento2 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/magento/magento2 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.4-p11 |
| purl |
pkg:composer/magento/community-edition@2.4.4-p11 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.5-p10 |
| purl |
pkg:composer/magento/community-edition@2.4.5-p10 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10 |
|
| 2 |
| url |
pkg:composer/magento/community-edition@2.4.6-p8 |
| purl |
pkg:composer/magento/community-edition@2.4.6-p8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 1 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 2 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 3 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 4 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 5 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 6 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 7 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 8 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 9 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 10 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 11 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 12 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 13 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 14 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 15 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 16 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 17 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 18 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 19 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 20 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 21 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 22 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 23 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8 |
|
| 3 |
| url |
pkg:composer/magento/community-edition@2.4.7-p3 |
| purl |
pkg:composer/magento/community-edition@2.4.7-p3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 4 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 5 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 6 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 7 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 8 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 9 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 10 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 11 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 12 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 13 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 14 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 15 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 16 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 17 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 18 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 19 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 20 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 21 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 22 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 23 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 24 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 25 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 26 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 27 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 28 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 29 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 30 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 31 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 32 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 33 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 34 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 35 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 36 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 37 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 38 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 39 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 40 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 41 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 42 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 43 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 44 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3 |
|
| 4 |
| url |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| purl |
pkg:composer/magento/community-edition@2.4.8-beta1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 4 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 5 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 6 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 7 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 8 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 9 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 10 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 11 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 12 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 13 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 14 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 15 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 16 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 17 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 18 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 19 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 20 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 21 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 22 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 23 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 24 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 25 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 26 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 27 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 28 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 29 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 30 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 31 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 32 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 33 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 34 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 35 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 36 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 37 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 38 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 39 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1 |
|
|
| aliases |
CVE-2024-45128, GHSA-qpp7-742q-58j3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zdpz-8tc2-6kah |
|
| 122 |
| url |
VCID-zkkk-5q62-ubca |
| vulnerability_id |
VCID-zkkk-5q62-ubca |
| summary |
Magento improper input validation vulnerability
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.3-p2 |
| purl |
pkg:composer/magento/community-edition@2.4.3-p2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 10 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 11 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 12 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 13 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 14 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 15 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 16 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 17 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 18 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 19 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 20 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 21 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 22 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 23 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 24 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 25 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 26 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 27 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 28 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 29 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 30 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 31 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 40 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 41 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 42 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 43 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 44 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 45 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 60 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 61 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 62 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 63 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 64 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 65 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 66 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 67 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 68 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 69 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 72 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 73 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 74 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 75 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 76 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 77 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 78 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 79 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 80 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 81 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 82 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 83 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 84 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 85 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 86 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 87 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 88 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 89 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 90 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 91 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 92 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 93 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p2 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.3 |
| purl |
pkg:composer/magento/community-edition@2.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 2 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 3 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 4 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 5 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 6 |
| vulnerability |
VCID-5wfa-wpby-dke1 |
|
| 7 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 8 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 9 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 19 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 20 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 21 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 22 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 23 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 24 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 25 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 26 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 27 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 28 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 29 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 30 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 31 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 32 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 33 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 34 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 35 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 36 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 37 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 38 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 39 |
| vulnerability |
VCID-fyh6-gupt-eqgm |
|
| 40 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 41 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 42 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 43 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 44 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 45 |
| vulnerability |
VCID-hd53-pxmk-ruap |
|
| 46 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 47 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 48 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 49 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 50 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 51 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 52 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 53 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 54 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 55 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 56 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 57 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 58 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 59 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 60 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 61 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 62 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 63 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 64 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 65 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 66 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 67 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 68 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 69 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 70 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 71 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 72 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 73 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 74 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 75 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 76 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 77 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 78 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 79 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 80 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 81 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 82 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 83 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 84 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 85 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 86 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 87 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 88 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 89 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 90 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 91 |
| vulnerability |
VCID-y93w-2qcc-wqg8 |
|
| 92 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 93 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 94 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3 |
|
|
| aliases |
CVE-2022-24086, GHSA-f8fv-f786-9933
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zkkk-5q62-ubca |
|
| 123 |
| url |
VCID-zubf-dqv7-xkf3 |
| vulnerability_id |
VCID-zubf-dqv7-xkf3 |
| summary |
Cross-site Scripting
Magento is vulnerable to Cross-Site Scripting in the admin console. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required for successful exploitation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/magento/community-edition@2.4.1-p1 |
| purl |
pkg:composer/magento/community-edition@2.4.1-p1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 3 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 4 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 5 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 6 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 7 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 8 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 9 |
| vulnerability |
VCID-6wdt-8fbe-hkbe |
|
| 10 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 11 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 12 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 13 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 14 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 15 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 16 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 17 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 18 |
| vulnerability |
VCID-apue-gaqy-n3cq |
|
| 19 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 20 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 21 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 22 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 23 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 24 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 25 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 26 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 27 |
| vulnerability |
VCID-cae3-fgn1-83hu |
|
| 28 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 29 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 30 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 31 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 32 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 33 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 34 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 35 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 36 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 37 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 38 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 39 |
| vulnerability |
VCID-ed87-d3y2-wfck |
|
| 40 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 41 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 42 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 43 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 44 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 45 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 46 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 47 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 48 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 49 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 50 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 51 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 52 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 53 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 54 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 55 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 56 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 57 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 58 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 59 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 60 |
| vulnerability |
VCID-mtes-xpe5-qkdj |
|
| 61 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 62 |
| vulnerability |
VCID-nm39-k1su-yyep |
|
| 63 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 64 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 65 |
| vulnerability |
VCID-q4yr-fqww-tbb1 |
|
| 66 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 67 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 68 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 69 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 70 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 71 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 72 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 73 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 74 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 75 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 76 |
| vulnerability |
VCID-sd6n-a9mk-aufb |
|
| 77 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 78 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 79 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 80 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 81 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 82 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 83 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 84 |
| vulnerability |
VCID-u2hc-27c2-1udc |
|
| 85 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 86 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 87 |
| vulnerability |
VCID-ve4u-d5rz-wyab |
|
| 88 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 89 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 90 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 91 |
| vulnerability |
VCID-w4uu-k7nk-a7hr |
|
| 92 |
| vulnerability |
VCID-wbt5-q9qd-8kby |
|
| 93 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 94 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 95 |
| vulnerability |
VCID-xbhh-m11c-gkeu |
|
| 96 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 97 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 98 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 99 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 100 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 101 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 102 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 103 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 104 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 105 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 106 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1 |
|
| 1 |
| url |
pkg:composer/magento/community-edition@2.4.2 |
| purl |
pkg:composer/magento/community-edition@2.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1jsp-392b-2fgb |
|
| 1 |
| vulnerability |
VCID-1k4q-2ttb-13hd |
|
| 2 |
| vulnerability |
VCID-2g87-y8ek-xfdr |
|
| 3 |
| vulnerability |
VCID-2ttz-k7d2-jucf |
|
| 4 |
| vulnerability |
VCID-2vsw-t8k2-4bfm |
|
| 5 |
| vulnerability |
VCID-36ve-7wxt-z7fz |
|
| 6 |
| vulnerability |
VCID-3g5s-hryc-5qa9 |
|
| 7 |
| vulnerability |
VCID-3zcy-b3th-ukhd |
|
| 8 |
| vulnerability |
VCID-4cbe-djqs-tug1 |
|
| 9 |
| vulnerability |
VCID-4dae-vty8-b7hk |
|
| 10 |
| vulnerability |
VCID-4w1v-es9j-subp |
|
| 11 |
| vulnerability |
VCID-5gxr-xksz-5ydb |
|
| 12 |
| vulnerability |
VCID-69wt-c418-mubr |
|
| 13 |
| vulnerability |
VCID-6mjf-p1d9-8qa1 |
|
| 14 |
| vulnerability |
VCID-6p6q-ctya-q3bv |
|
| 15 |
| vulnerability |
VCID-6tx4-wexr-fkbb |
|
| 16 |
| vulnerability |
VCID-7pr7-uqp1-sugt |
|
| 17 |
| vulnerability |
VCID-7s3w-8dn6-jqh7 |
|
| 18 |
| vulnerability |
VCID-7s74-rdkp-vyaf |
|
| 19 |
| vulnerability |
VCID-8hx4-r8bb-n7ge |
|
| 20 |
| vulnerability |
VCID-8ky6-w2nk-9bds |
|
| 21 |
| vulnerability |
VCID-8shb-t5zp-rqbu |
|
| 22 |
| vulnerability |
VCID-8u5e-d6nx-3khc |
|
| 23 |
| vulnerability |
VCID-9vrt-uccb-myev |
|
| 24 |
| vulnerability |
VCID-a9b6-tenb-afdw |
|
| 25 |
| vulnerability |
VCID-ayfe-5a7g-u7b7 |
|
| 26 |
| vulnerability |
VCID-b3cn-pjp3-4yhm |
|
| 27 |
| vulnerability |
VCID-b5hn-f1qk-z7cu |
|
| 28 |
| vulnerability |
VCID-b9ry-u6qy-j7cc |
|
| 29 |
| vulnerability |
VCID-bch8-kq49-skhm |
|
| 30 |
| vulnerability |
VCID-bera-73sm-bbh7 |
|
| 31 |
| vulnerability |
VCID-bkpz-ratd-e7ab |
|
| 32 |
| vulnerability |
VCID-bzyh-c5tm-j7dn |
|
| 33 |
| vulnerability |
VCID-c1ta-jffg-cfg9 |
|
| 34 |
| vulnerability |
VCID-c4ms-3und-c7d1 |
|
| 35 |
| vulnerability |
VCID-cafy-5dd8-rudj |
|
| 36 |
| vulnerability |
VCID-ccx1-qacj-2qev |
|
| 37 |
| vulnerability |
VCID-cfjt-51xj-qqdw |
|
| 38 |
| vulnerability |
VCID-cm2a-1yc5-v3cy |
|
| 39 |
| vulnerability |
VCID-cqjn-3z6n-sff1 |
|
| 40 |
| vulnerability |
VCID-d6mk-hg8h-7qbc |
|
| 41 |
| vulnerability |
VCID-dj5a-35gt-u7dn |
|
| 42 |
| vulnerability |
VCID-dpm5-tmsy-2bez |
|
| 43 |
| vulnerability |
VCID-du16-f2wp-t3cw |
|
| 44 |
| vulnerability |
VCID-dur2-pfke-h7hf |
|
| 45 |
| vulnerability |
VCID-e7zd-dn28-4bf1 |
|
| 46 |
| vulnerability |
VCID-eahe-s41f-ckc1 |
|
| 47 |
| vulnerability |
VCID-egy6-nku7-zyap |
|
| 48 |
| vulnerability |
VCID-er49-k3tc-ufcu |
|
| 49 |
| vulnerability |
VCID-evth-swm9-k3de |
|
| 50 |
| vulnerability |
VCID-eygc-ra9u-gyej |
|
| 51 |
| vulnerability |
VCID-fz5y-um7w-63f4 |
|
| 52 |
| vulnerability |
VCID-fz6y-fece-skgr |
|
| 53 |
| vulnerability |
VCID-fzm9-e6bg-r7aw |
|
| 54 |
| vulnerability |
VCID-gedj-39p5-ubd6 |
|
| 55 |
| vulnerability |
VCID-gxj9-a1hc-47de |
|
| 56 |
| vulnerability |
VCID-gxnx-f2qh-3yf9 |
|
| 57 |
| vulnerability |
VCID-hbau-7tvg-cygz |
|
| 58 |
| vulnerability |
VCID-hfbb-ax6r-tbaz |
|
| 59 |
| vulnerability |
VCID-hq7k-qz7g-4bc2 |
|
| 60 |
| vulnerability |
VCID-hspp-kw5e-akbr |
|
| 61 |
| vulnerability |
VCID-j6ss-8f4e-e7g2 |
|
| 62 |
| vulnerability |
VCID-jr49-4fs3-8qcp |
|
| 63 |
| vulnerability |
VCID-kezx-5nw5-hfen |
|
| 64 |
| vulnerability |
VCID-kgws-xvjr-g7bv |
|
| 65 |
| vulnerability |
VCID-kje4-asu6-dfg2 |
|
| 66 |
| vulnerability |
VCID-kq4m-anrt-rugn |
|
| 67 |
| vulnerability |
VCID-kuzc-uv5b-v7an |
|
| 68 |
| vulnerability |
VCID-kv6x-nz1s-uuar |
|
| 69 |
| vulnerability |
VCID-kyvw-d4e8-1fd4 |
|
| 70 |
| vulnerability |
VCID-md7v-w5aq-t7h1 |
|
| 71 |
| vulnerability |
VCID-mhvf-2keh-2qar |
|
| 72 |
| vulnerability |
VCID-mjb6-7au8-5fdx |
|
| 73 |
| vulnerability |
VCID-mzsj-dck5-pqc5 |
|
| 74 |
| vulnerability |
VCID-n5mn-3a8f-nbdb |
|
| 75 |
| vulnerability |
VCID-nn21-hf8r-ykfd |
|
| 76 |
| vulnerability |
VCID-ns8t-vtcn-aqh4 |
|
| 77 |
| vulnerability |
VCID-p1py-xewy-7khn |
|
| 78 |
| vulnerability |
VCID-p9qx-66yy-1kc1 |
|
| 79 |
| vulnerability |
VCID-pm85-dfg2-euep |
|
| 80 |
| vulnerability |
VCID-pxxm-ce8x-abdq |
|
| 81 |
| vulnerability |
VCID-qgpx-hgzu-5qgp |
|
| 82 |
| vulnerability |
VCID-qp7s-amch-v3cd |
|
| 83 |
| vulnerability |
VCID-qrwc-3gsb-zkfy |
|
| 84 |
| vulnerability |
VCID-qzqd-271b-ybfj |
|
| 85 |
| vulnerability |
VCID-r4bw-w4t9-23ek |
|
| 86 |
| vulnerability |
VCID-rduw-apr6-4fdu |
|
| 87 |
| vulnerability |
VCID-re84-qg3k-3ub3 |
|
| 88 |
| vulnerability |
VCID-rgnq-s54v-vkdm |
|
| 89 |
| vulnerability |
VCID-rxac-w9pd-aqe1 |
|
| 90 |
| vulnerability |
VCID-s4bp-kzfu-8qfy |
|
| 91 |
| vulnerability |
VCID-scg7-ugdn-53b9 |
|
| 92 |
| vulnerability |
VCID-shfz-pxan-v3ar |
|
| 93 |
| vulnerability |
VCID-tc3m-4bkg-qkcf |
|
| 94 |
| vulnerability |
VCID-te3b-exz5-zke1 |
|
| 95 |
| vulnerability |
VCID-th7y-aj51-mbaj |
|
| 96 |
| vulnerability |
VCID-tvz9-8s4d-gbg6 |
|
| 97 |
| vulnerability |
VCID-txb3-ez5r-r7ek |
|
| 98 |
| vulnerability |
VCID-tzug-ckkn-dyft |
|
| 99 |
| vulnerability |
VCID-ugyc-gehq-rudu |
|
| 100 |
| vulnerability |
VCID-vcdk-gdky-7fdg |
|
| 101 |
| vulnerability |
VCID-vp8y-y64r-wkc9 |
|
| 102 |
| vulnerability |
VCID-vu36-a1g1-nugt |
|
| 103 |
| vulnerability |
VCID-vx13-4b1d-wbgp |
|
| 104 |
| vulnerability |
VCID-w42y-yc7r-kqhp |
|
| 105 |
| vulnerability |
VCID-wh14-k3ex-pubq |
|
| 106 |
| vulnerability |
VCID-wvyx-2bbb-9yf7 |
|
| 107 |
| vulnerability |
VCID-wzu6-rbsv-mkde |
|
| 108 |
| vulnerability |
VCID-xfvu-2zg4-ruf6 |
|
| 109 |
| vulnerability |
VCID-xk5y-7a1w-zba9 |
|
| 110 |
| vulnerability |
VCID-xsq8-ztqh-ubb8 |
|
| 111 |
| vulnerability |
VCID-y1v3-9tyq-uqhd |
|
| 112 |
| vulnerability |
VCID-y4u6-cy8y-hyae |
|
| 113 |
| vulnerability |
VCID-y7x4-664r-3fbk |
|
| 114 |
| vulnerability |
VCID-yvcy-4e8m-p3b8 |
|
| 115 |
| vulnerability |
VCID-yyq6-dvyx-3bb9 |
|
| 116 |
| vulnerability |
VCID-z2v2-n138-6ydv |
|
| 117 |
| vulnerability |
VCID-zdpz-8tc2-6kah |
|
| 118 |
| vulnerability |
VCID-ze8y-4wfs-hbf9 |
|
| 119 |
| vulnerability |
VCID-zkkk-5q62-ubca |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2 |
|
|
| aliases |
CVE-2021-21029, GHSA-jwxh-wj79-ccm6
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zubf-dqv7-xkf3 |
|