{"url":"http://public2.vulnerablecode.io/api/packages/60732?format=json","purl":"pkg:composer/magento/community-edition@2.4.0","type":"composer","namespace":"magento","name":"community-edition","version":"2.4.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.4.4-p13","latest_non_vulnerable_version":"2.4.9-alpha3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111547?format=json","vulnerability_id":"VCID-1b6m-qfes-mqab","summary":"Magento Insufficient Session Expiration\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation could lead to unauthorized access to restricted resources. Access to the admin console is not required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21031","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38019","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38109","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21031"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21031","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21031"},{"reference_url":"https://github.com/advisories/GHSA-4h3p-63x6-vwg2","reference_id":"GHSA-4h3p-63x6-vwg2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4h3p-63x6-vwg2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21031","GHSA-4h3p-63x6-vwg2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1b6m-qfes-mqab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41444?format=json","vulnerability_id":"VCID-1k4q-2ttb-13hd","summary":"Information Exposure\nMagento is vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure of document root path by an unauthenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28566","reference_id":"","reference_type":"","scores":[{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.73061","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.73099","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28566"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28566","reference_id":"CVE-2021-28566","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28566"},{"reference_url":"https://github.com/advisories/GHSA-w942-fw92-mqm2","reference_id":"GHSA-w942-fw92-mqm2","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w942-fw92-mqm2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58956?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/66998?format=json","purl":"pkg:composer/magento/community-edition@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3"}],"aliases":["CVE-2021-28566","GHSA-w942-fw92-mqm2"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1k4q-2ttb-13hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56632?format=json","vulnerability_id":"VCID-2vsw-t8k2-4bfm","summary":"Adobe Commerce Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11  and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34796","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24409"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:11:11Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409","reference_id":"CVE-2025-24409","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24409"},{"reference_url":"https://github.com/advisories/GHSA-vw47-79jv-3598","reference_id":"GHSA-vw47-79jv-3598","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vw47-79jv-3598"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24409","GHSA-vw47-79jv-3598"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vsw-t8k2-4bfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55685?format=json","vulnerability_id":"VCID-3zcy-b3th-ukhd","summary":"Magento Improper Access Control Leads to Privilege escalation\nAdobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39419","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46342","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39419"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:08:00Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39419","reference_id":"CVE-2024-39419","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39419"},{"reference_url":"https://github.com/advisories/GHSA-74w7-cr4v-wf2v","reference_id":"GHSA-74w7-cr4v-wf2v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-74w7-cr4v-wf2v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39419","GHSA-74w7-cr4v-wf2v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zcy-b3th-ukhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55687?format=json","vulnerability_id":"VCID-5gxr-xksz-5ydb","summary":"Magento Improper Authorization leads to security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39411","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39411"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:14Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39411","reference_id":"CVE-2024-39411","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39411"},{"reference_url":"https://github.com/advisories/GHSA-qm77-mqf3-fmhq","reference_id":"GHSA-qm77-mqf3-fmhq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qm77-mqf3-fmhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39411","GHSA-qm77-mqf3-fmhq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5gxr-xksz-5ydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56639?format=json","vulnerability_id":"VCID-6tx4-wexr-fkbb","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain elevated privileges. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35712","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24437"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:35Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437","reference_id":"CVE-2025-24437","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24437"},{"reference_url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv","reference_id":"GHSA-469f-wf4f-3jjv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-469f-wf4f-3jjv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24437","GHSA-469f-wf4f-3jjv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6tx4-wexr-fkbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112057?format=json","vulnerability_id":"VCID-6wdt-8fbe-hkbe","summary":"Magento Improper Authorization vulnerability in the customers module\nMagento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Improper Authorization vulnerability in the customers module. Successful exploitation could allow a low-privileged user to modify customer data. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28567","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27852","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27786","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28567"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28567","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28567"},{"reference_url":"https://github.com/advisories/GHSA-cc3w-r3w8-hfh7","reference_id":"GHSA-cc3w-r3w8-hfh7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cc3w-r3w8-hfh7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58956?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1"}],"aliases":["CVE-2021-28567","GHSA-cc3w-r3w8-hfh7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6wdt-8fbe-hkbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55986?format=json","vulnerability_id":"VCID-7pr7-uqp1-sugt","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24284","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45130"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:33Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130","reference_id":"CVE-2024-45130","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45130"},{"reference_url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576","reference_id":"GHSA-v3v6-jfvw-m576","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v3v6-jfvw-m576"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45130","GHSA-v3v6-jfvw-m576"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pr7-uqp1-sugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55982?format=json","vulnerability_id":"VCID-7s3w-8dn6-jqh7","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source  versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2697","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45124"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124","reference_id":"CVE-2024-45124","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45124"},{"reference_url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv","reference_id":"GHSA-w3p2-pc3h-69wv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w3p2-pc3h-69wv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45124","GHSA-w3p2-pc3h-69wv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s3w-8dn6-jqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56638?format=json","vulnerability_id":"VCID-7s74-rdkp-vyaf","summary":"Magento Incorrect Authorization vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to perform actions with permissions that were not granted. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35372","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24421"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:01Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421","reference_id":"CVE-2025-24421","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24421"},{"reference_url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr","reference_id":"GHSA-v6r2-425c-hfrr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v6r2-425c-hfrr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24421","GHSA-v6r2-425c-hfrr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s74-rdkp-vyaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111051?format=json","vulnerability_id":"VCID-8ape-agd1-s7hf","summary":"Magento Improper Access Control\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an access control bypass vulnerability in the Login as Customer module. Successful exploitation could lead to unauthorized access to restricted resources.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21020","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29099","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29169","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21020"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21020","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21020"},{"reference_url":"https://github.com/advisories/GHSA-2j6v-829g-885q","reference_id":"GHSA-2j6v-829g-885q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2j6v-829g-885q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21020","GHSA-2j6v-829g-885q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ape-agd1-s7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56636?format=json","vulnerability_id":"VCID-8hx4-r8bb-n7ge","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428","reference_id":"","reference_type":"","scores":[{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77594","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24428"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428","reference_id":"CVE-2025-24428","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24428"},{"reference_url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr","reference_id":"GHSA-mm87-rrqx-94cr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mm87-rrqx-94cr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24428","GHSA-mm87-rrqx-94cr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hx4-r8bb-n7ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56625?format=json","vulnerability_id":"VCID-8ky6-w2nk-9bds","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28955","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24411"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:40Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411","reference_id":"CVE-2025-24411","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24411"},{"reference_url":"https://github.com/advisories/GHSA-36hw-x3cc-m258","reference_id":"GHSA-36hw-x3cc-m258","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-36hw-x3cc-m258"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24411","GHSA-36hw-x3cc-m258"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ky6-w2nk-9bds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57107?format=json","vulnerability_id":"VCID-8shb-t5zp-rqbu","summary":"Magento Improper Access Control leads to Security feature bypass\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27190","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50333","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27190"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:02Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27190","reference_id":"CVE-2025-27190","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27190"},{"reference_url":"https://github.com/advisories/GHSA-6wq7-cg9h-mj6q","reference_id":"GHSA-6wq7-cg9h-mj6q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6wq7-cg9h-mj6q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84773?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27190","GHSA-6wq7-cg9h-mj6q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8shb-t5zp-rqbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55677?format=json","vulnerability_id":"VCID-9vrt-uccb-myev","summary":"Magento Improper Authorization Leading to Security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39415","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39415"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:13:06Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39415","reference_id":"CVE-2024-39415","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39415"},{"reference_url":"https://github.com/advisories/GHSA-gj93-84g5-mcjq","reference_id":"GHSA-gj93-84g5-mcjq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gj93-84g5-mcjq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39415","GHSA-gj93-84g5-mcjq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9vrt-uccb-myev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56631?format=json","vulnerability_id":"VCID-a9b6-tenb-afdw","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24416"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:48Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416","reference_id":"CVE-2025-24416","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24416"},{"reference_url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9","reference_id":"GHSA-rjjw-g6hw-7pc9","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rjjw-g6hw-7pc9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24416","GHSA-rjjw-g6hw-7pc9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9b6-tenb-afdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111197?format=json","vulnerability_id":"VCID-apue-gaqy-n3cq","summary":"Magento 2 Community Edition Incorrect Authorization\nMagento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect authorization vulnerability. A user can still access resources provisioned under their old role after an administrator removes the role or disables the user's account.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24401","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52037","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52097","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24401"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24401","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24401"},{"reference_url":"https://github.com/advisories/GHSA-f2g3-3c6q-4478","reference_id":"GHSA-f2g3-3c6q-4478","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f2g3-3c6q-4478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78954?format=json","purl":"pkg:composer/magento/community-edition@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1"}],"aliases":["CVE-2020-24401","GHSA-f2g3-3c6q-4478"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apue-gaqy-n3cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55362?format=json","vulnerability_id":"VCID-ayfe-5a7g-u7b7","summary":"Magento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34102","reference_id":"","reference_type":"","scores":[{"value":"0.94171","scoring_system":"epss","scoring_elements":"0.9992","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34102"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/magento/product-community-edition/CVE-2024-34102.yaml"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482#diff-84a0773a6287fbbaadf3b9103f4a137fc0b6946de2437ddfd6f60a0722cf8d23"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-07-18T03:55:19Z/"}],"url":"https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34102","reference_id":"CVE-2024-34102","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34102"},{"reference_url":"https://github.com/advisories/GHSA-m8cj-3v68-3cxj","reference_id":"GHSA-m8cj-3v68-3cxj","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m8cj-3v68-3cxj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-y4u6-cy8y-hyae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34102","GHSA-m8cj-3v68-3cxj"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ayfe-5a7g-u7b7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56637?format=json","vulnerability_id":"VCID-b3cn-pjp3-4yhm","summary":"Magento Business Logic Error vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Business Logic Error vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to circumvent intended security mechanisms by manipulating the logic of the application's operations causing limited data modification. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.48014","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24425"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:39Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425","reference_id":"CVE-2025-24425","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24425"},{"reference_url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh","reference_id":"GHSA-6ff8-jrfg-43hh","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6ff8-jrfg-43hh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24425","GHSA-6ff8-jrfg-43hh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3cn-pjp3-4yhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55686?format=json","vulnerability_id":"VCID-b9ry-u6qy-j7cc","summary":"Magento Improper Authorization leads to Security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39417","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.54196","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39417"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:31Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39417","reference_id":"CVE-2024-39417","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39417"},{"reference_url":"https://github.com/advisories/GHSA-4xmj-f664-hv98","reference_id":"GHSA-4xmj-f664-hv98","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4xmj-f664-hv98"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39417","GHSA-4xmj-f664-hv98"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ry-u6qy-j7cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55994?format=json","vulnerability_id":"VCID-bch8-kq49-skhm","summary":"Magento Open Source reflected Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123","reference_id":"","reference_type":"","scores":[{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79671","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45123"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123","reference_id":"CVE-2024-45123","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45123"},{"reference_url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc","reference_id":"GHSA-88x2-cq34-5fwc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-88x2-cq34-5fwc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45123","GHSA-88x2-cq34-5fwc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bch8-kq49-skhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55365?format=json","vulnerability_id":"VCID-bera-73sm-bbh7","summary":"Magento Open Source Incorrect Authorization vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could exploit this vulnerability to gain unauthorized access or perform actions with the privileges of another user. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34106","reference_id":"","reference_type":"","scores":[{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.71367","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34106"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:21:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34106","reference_id":"CVE-2024-34106","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34106"},{"reference_url":"https://github.com/advisories/GHSA-p6h9-gx5g-wg64","reference_id":"GHSA-p6h9-gx5g-wg64","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p6h9-gx5g-wg64"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-y4u6-cy8y-hyae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34106","GHSA-p6h9-gx5g-wg64"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bera-73sm-bbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55688?format=json","vulnerability_id":"VCID-bkpz-ratd-e7ab","summary":"Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39410","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39410"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39410","reference_id":"CVE-2024-39410","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39410"},{"reference_url":"https://github.com/advisories/GHSA-4323-f82v-f6jr","reference_id":"GHSA-4323-f82v-f6jr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4323-f82v-f6jr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39410","GHSA-4323-f82v-f6jr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bkpz-ratd-e7ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55364?format=json","vulnerability_id":"VCID-bzyh-c5tm-j7dn","summary":"Magento Open Source Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34105","reference_id":"","reference_type":"","scores":[{"value":"0.01961","scoring_system":"epss","scoring_elements":"0.83856","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34105"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T16:04:12Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34105","reference_id":"CVE-2024-34105","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34105"},{"reference_url":"https://github.com/advisories/GHSA-5632-wq7m-gfq9","reference_id":"GHSA-5632-wq7m-gfq9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5632-wq7m-gfq9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-y4u6-cy8y-hyae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34105","GHSA-5632-wq7m-gfq9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bzyh-c5tm-j7dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109978?format=json","vulnerability_id":"VCID-c4ms-3und-c7d1","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker with a low privilege account could leverage this vulnerability to perform an account takeover for a victim. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34255","reference_id":"","reference_type":"","scores":[{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66834","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66874","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34255"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:06:09Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34255","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34255"},{"reference_url":"https://github.com/advisories/GHSA-x95x-f4g9-mm85","reference_id":"GHSA-x95x-f4g9-mm85","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x95x-f4g9-mm85"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34255","GHSA-x95x-f4g9-mm85"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ms-3und-c7d1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111467?format=json","vulnerability_id":"VCID-c4mx-9727-nfgs","summary":"Magento stored cross-site scripting (XSS) in the customer address upload feature\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting (XSS) in the customer address upload feature. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21030","reference_id":"","reference_type":"","scores":[{"value":"0.06281","scoring_system":"epss","scoring_elements":"0.9109","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06281","scoring_system":"epss","scoring_elements":"0.91103","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21030"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21030","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21030"},{"reference_url":"https://github.com/advisories/GHSA-6988-g89m-27vf","reference_id":"GHSA-6988-g89m-27vf","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6988-g89m-27vf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21030","GHSA-6988-g89m-27vf"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4mx-9727-nfgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111502?format=json","vulnerability_id":"VCID-cae3-fgn1-83hu","summary":"Magento incorrect permissions vulnerability in the Integrations component\nMagento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect permissions vulnerability in the Integrations component. This vulnerability could be abused by authenticated users with permissions to the Resource Access API to delete customer details via the REST API without authorization.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24402","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40758","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40836","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24402"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24402","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24402"},{"reference_url":"https://github.com/advisories/GHSA-hvf5-4jr9-fghh","reference_id":"GHSA-hvf5-4jr9-fghh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hvf5-4jr9-fghh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78954?format=json","purl":"pkg:composer/magento/community-edition@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1"}],"aliases":["CVE-2020-24402","GHSA-hvf5-4jr9-fghh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cae3-fgn1-83hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55689?format=json","vulnerability_id":"VCID-cqjn-3z6n-sff1","summary":"Magento Improper Authorization leads to Security feature bypass\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39416","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55365","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39416"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:27Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39416","reference_id":"CVE-2024-39416","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39416"},{"reference_url":"https://github.com/advisories/GHSA-4xgg-rw35-7mv5","reference_id":"GHSA-4xgg-rw35-7mv5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4xgg-rw35-7mv5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39416","GHSA-4xgg-rw35-7mv5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cqjn-3z6n-sff1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56643?format=json","vulnerability_id":"VCID-d6mk-hg8h-7qbc","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27789","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24432"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T19:09:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432","reference_id":"CVE-2025-24432","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24432"},{"reference_url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47","reference_id":"GHSA-7jmr-43qj-pw47","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7jmr-43qj-pw47"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24432","GHSA-7jmr-43qj-pw47"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6mk-hg8h-7qbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/108762?format=json","vulnerability_id":"VCID-dpm5-tmsy-2bez","summary":"Magento Improper input validation vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42344","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39758","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39844","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-42344"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42344","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42344"},{"reference_url":"https://github.com/advisories/GHSA-297f-r9w7-w492","reference_id":"GHSA-297f-r9w7-w492","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-297f-r9w7-w492"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/66998?format=json","purl":"pkg:composer/magento/community-edition@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-42344","GHSA-297f-r9w7-w492"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dpm5-tmsy-2bez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53776?format=json","vulnerability_id":"VCID-dqkx-knjf-47hh","summary":"SQL Injection\nMagento This vulnerability could be exploited by an authenticated user with permissions to the product listing page to read data from the database.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24400","reference_id":"","reference_type":"","scores":[{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49295","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49356","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24400"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24400","reference_id":"CVE-2020-24400","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24400"},{"reference_url":"https://github.com/advisories/GHSA-pf6w-3pfw-fxvw","reference_id":"GHSA-pf6w-3pfw-fxvw","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pf6w-3pfw-fxvw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78954?format=json","purl":"pkg:composer/magento/community-edition@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1"}],"aliases":["CVE-2020-24400","GHSA-pf6w-3pfw-fxvw"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dqkx-knjf-47hh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55700?format=json","vulnerability_id":"VCID-du16-f2wp-t3cw","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39412","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50575","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39412"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:56Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39412","reference_id":"CVE-2024-39412","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39412"},{"reference_url":"https://github.com/advisories/GHSA-7472-vw39-g2j3","reference_id":"GHSA-7472-vw39-g2j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7472-vw39-g2j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39412","GHSA-7472-vw39-g2j3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-du16-f2wp-t3cw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55357?format=json","vulnerability_id":"VCID-dur2-pfke-h7hf","summary":"Magento Open Source Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34107","reference_id":"","reference_type":"","scores":[{"value":"0.00729","scoring_system":"epss","scoring_elements":"0.73067","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34107"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:30:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34107","reference_id":"CVE-2024-34107","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34107"},{"reference_url":"https://github.com/advisories/GHSA-r7cm-g469-wm4g","reference_id":"GHSA-r7cm-g469-wm4g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r7cm-g469-wm4g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-y4u6-cy8y-hyae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34107","GHSA-r7cm-g469-wm4g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dur2-pfke-h7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54064?format=json","vulnerability_id":"VCID-e7k8-hmqe-wufh","summary":"Magento is vulnerable to SQL Injection. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21024","reference_id":"","reference_type":"","scores":[{"value":"0.02071","scoring_system":"epss","scoring_elements":"0.84262","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02071","scoring_system":"epss","scoring_elements":"0.84285","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21024"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21024","reference_id":"CVE-2021-21024","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21024"},{"reference_url":"https://github.com/advisories/GHSA-rj4f-cp4v-hvcv","reference_id":"GHSA-rj4f-cp4v-hvcv","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rj4f-cp4v-hvcv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21024","GHSA-rj4f-cp4v-hvcv"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7k8-hmqe-wufh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55363?format=json","vulnerability_id":"VCID-e7zd-dn28-4bf1","summary":"Magento Open Source Improper Authentication vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the application. Exploitation of this issue does not require user interaction, but attack complexity is high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34103","reference_id":"","reference_type":"","scores":[{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.83255","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34103"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34103","reference_id":"CVE-2024-34103","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34103"},{"reference_url":"https://github.com/advisories/GHSA-f7q4-9gwv-6774","reference_id":"GHSA-f7q4-9gwv-6774","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f7q4-9gwv-6774"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-y4u6-cy8y-hyae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34103","GHSA-f7q4-9gwv-6774"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7zd-dn28-4bf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55989?format=json","vulnerability_id":"VCID-eahe-s41f-ckc1","summary":"Magento Open Source Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin attacker can trick a user into clicking a specially crafted link or submitting a form, malicious scripts may be executed within the context of the victim's browser and have high impact on confidentiality and integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116","reference_id":"","reference_type":"","scores":[{"value":"0.01833","scoring_system":"epss","scoring_elements":"0.83292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45116"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-10T13:56:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116","reference_id":"CVE-2024-45116","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45116"},{"reference_url":"https://github.com/advisories/GHSA-873m-72g6-853g","reference_id":"GHSA-873m-72g6-853g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-873m-72g6-853g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45116","GHSA-873m-72g6-853g"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eahe-s41f-ckc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112485?format=json","vulnerability_id":"VCID-ed87-d3y2-wfck","summary":"Magento improper authorization vulnerability in the integrations module\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by an improper authorization vulnerability in the integrations module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21026","reference_id":"","reference_type":"","scores":[{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.72008","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71969","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21026"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497"},{"reference_url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21026","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21026"},{"reference_url":"https://github.com/advisories/GHSA-crjc-2v9m-8w7r","reference_id":"GHSA-crjc-2v9m-8w7r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-crjc-2v9m-8w7r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58955?format=json","purl":"pkg:composer/magento/community-edition@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2"}],"aliases":["CVE-2021-21026","GHSA-crjc-2v9m-8w7r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ed87-d3y2-wfck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57095?format=json","vulnerability_id":"VCID-egy6-nku7-zyap","summary":"Magento Improper Access Control leads to Security feature bypass\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27191","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50333","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27191"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:08Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27191","reference_id":"CVE-2025-27191","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27191"},{"reference_url":"https://github.com/advisories/GHSA-vhcq-4xrm-2cr2","reference_id":"GHSA-vhcq-4xrm-2cr2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vhcq-4xrm-2cr2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84773?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27191","GHSA-vhcq-4xrm-2cr2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egy6-nku7-zyap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55998?format=json","vulnerability_id":"VCID-evth-swm9-k3de","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24943","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45121"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121","reference_id":"CVE-2024-45121","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45121"},{"reference_url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg","reference_id":"GHSA-2qhq-fw98-h6wg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2qhq-fw98-h6wg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45121","GHSA-2qhq-fw98-h6wg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evth-swm9-k3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53715?format=json","vulnerability_id":"VCID-fgqe-h7ey-33bd","summary":"Cross-site Scripting\nThis vulnerability could be abused by an unauthenticated attacker to execute XSS attacks against other Magento users. This vulnerability requires a victim to browse to the uploaded file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24408","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.8022","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80244","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24408","reference_id":"CVE-2020-24408","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24408"},{"reference_url":"https://github.com/advisories/GHSA-jxjc-6xmh-h7mg","reference_id":"GHSA-jxjc-6xmh-h7mg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jxjc-6xmh-h7mg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78954?format=json","purl":"pkg:composer/magento/community-edition@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1"}],"aliases":["CVE-2020-24408","GHSA-jxjc-6xmh-h7mg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fgqe-h7ey-33bd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56628?format=json","vulnerability_id":"VCID-fz5y-um7w-63f4","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410","reference_id":"","reference_type":"","scores":[{"value":"0.01784","scoring_system":"epss","scoring_elements":"0.831","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24410"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410","reference_id":"CVE-2025-24410","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24410"},{"reference_url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q","reference_id":"GHSA-gjxp-46rq-wg4q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gjxp-46rq-wg4q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24410","GHSA-gjxp-46rq-wg4q"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz5y-um7w-63f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56647?format=json","vulnerability_id":"VCID-gedj-39p5-ubd6","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24413"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413","reference_id":"CVE-2025-24413","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24413"},{"reference_url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j","reference_id":"GHSA-xwgx-8v72-4j5j","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xwgx-8v72-4j5j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24413","GHSA-xwgx-8v72-4j5j"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gedj-39p5-ubd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55993?format=json","vulnerability_id":"VCID-gxj9-a1hc-47de","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24943","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45118"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:45:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118","reference_id":"CVE-2024-45118","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45118"},{"reference_url":"https://github.com/advisories/GHSA-cg52-68fv-94qq","reference_id":"GHSA-cg52-68fv-94qq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cg52-68fv-94qq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45118","GHSA-cg52-68fv-94qq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxj9-a1hc-47de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111006?format=json","vulnerability_id":"VCID-gyj5-abau-uyf6","summary":"Magento stored cross-site scripting vulnerability in the admin console\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a stored cross-site scripting vulnerability in the admin console. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21023","reference_id":"","reference_type":"","scores":[{"value":"0.03783","scoring_system":"epss","scoring_elements":"0.88271","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03783","scoring_system":"epss","scoring_elements":"0.8829","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21023"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21023","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21023"},{"reference_url":"https://github.com/advisories/GHSA-h5rm-m772-6qcx","reference_id":"GHSA-h5rm-m772-6qcx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h5rm-m772-6qcx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21023","GHSA-h5rm-m772-6qcx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gyj5-abau-uyf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53773?format=json","vulnerability_id":"VCID-h4nn-2mrj-g3ds","summary":"Improper Authorization\nMagento This vulnerability could be abused by users with permissions to the Pages resource to delete cms pages via the REST API without authorization.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24404","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50929","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50991","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24404"},{"reference_url":"https://devdocs.magento.com/guides/v2.3/release-notes/open-source-2-3-6.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://devdocs.magento.com/guides/v2.3/release-notes/open-source-2-3-6.html"},{"reference_url":"https://experienceleague.adobe.com/docs/commerce-operations/release/notes/magento-open-source/2-4-1.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://experienceleague.adobe.com/docs/commerce-operations/release/notes/magento-open-source/2-4-1.html"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24404","reference_id":"CVE-2020-24404","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24404"},{"reference_url":"https://github.com/advisories/GHSA-rwf7-652f-76mv","reference_id":"GHSA-rwf7-652f-76mv","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rwf7-652f-76mv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78954?format=json","purl":"pkg:composer/magento/community-edition@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1"}],"aliases":["CVE-2020-24404","GHSA-rwf7-652f-76mv"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h4nn-2mrj-g3ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54068?format=json","vulnerability_id":"VCID-h64s-51sc-huga","summary":"XPath Injection\nMagento is vulnerable to XML injection in the Widgets module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21019","reference_id":"","reference_type":"","scores":[{"value":"0.04035","scoring_system":"epss","scoring_elements":"0.887","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04035","scoring_system":"epss","scoring_elements":"0.88716","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21019"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21019","reference_id":"CVE-2021-21019","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21019"},{"reference_url":"https://github.com/advisories/GHSA-mw95-gmw4-883p","reference_id":"GHSA-mw95-gmw4-883p","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mw95-gmw4-883p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21019","GHSA-mw95-gmw4-883p"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h64s-51sc-huga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56622?format=json","vulnerability_id":"VCID-hbau-7tvg-cygz","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39685","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24429"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429","reference_id":"CVE-2025-24429","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24429"},{"reference_url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv","reference_id":"GHSA-656q-fx2w-8ccv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-656q-fx2w-8ccv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24429","GHSA-656q-fx2w-8ccv"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbau-7tvg-cygz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55361?format=json","vulnerability_id":"VCID-hfbb-ax6r-tbaz","summary":"Magento Open Source Server-Side Request Forgery (SSRF) vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted request to the server, which could then cause the server to execute arbitrary code. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34111","reference_id":"","reference_type":"","scores":[{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73715","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34111"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T21:18:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34111","reference_id":"CVE-2024-34111","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34111"},{"reference_url":"https://github.com/advisories/GHSA-jmqp-r3gg-6jh3","reference_id":"GHSA-jmqp-r3gg-6jh3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jmqp-r3gg-6jh3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-y4u6-cy8y-hyae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34111","GHSA-jmqp-r3gg-6jh3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hfbb-ax6r-tbaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109930?format=json","vulnerability_id":"VCID-hq7k-qz7g-4bc2","summary":"Magento Path Traversal vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could be abused by an attacker to inject malicious scripts into the vulnerable endpoint. A low privileged attacker could leverage this vulnerability to read local files and to perform Stored XSS. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34254","reference_id":"","reference_type":"","scores":[{"value":"0.00599","scoring_system":"epss","scoring_elements":"0.6986","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00599","scoring_system":"epss","scoring_elements":"0.6982","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34254"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:06Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34254","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34254"},{"reference_url":"https://github.com/advisories/GHSA-fx9g-g9q6-x3jx","reference_id":"GHSA-fx9g-g9q6-x3jx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fx9g-g9q6-x3jx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34254","GHSA-fx9g-g9q6-x3jx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hq7k-qz7g-4bc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54067?format=json","vulnerability_id":"VCID-hufp-fajk-n7gu","summary":"OS Command Injection\nMagento is vulnerable to OS command injection via the scheduled operation module. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21018","reference_id":"","reference_type":"","scores":[{"value":"0.06906","scoring_system":"epss","scoring_elements":"0.9155","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06906","scoring_system":"epss","scoring_elements":"0.91563","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21018"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21018","reference_id":"CVE-2021-21018","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21018"},{"reference_url":"https://github.com/advisories/GHSA-rv48-v862-mp92","reference_id":"GHSA-rv48-v862-mp92","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rv48-v862-mp92"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21018","GHSA-rv48-v862-mp92"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hufp-fajk-n7gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57100?format=json","vulnerability_id":"VCID-j6ss-8f4e-e7g2","summary":"Magento does not properly protect credentials\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass. A high privileged attacker could exploit this vulnerability to gain unauthorized access to protected resources by obtaining sensitive credential information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27192","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2817","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27192"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27192","reference_id":"CVE-2025-27192","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27192"},{"reference_url":"https://github.com/advisories/GHSA-2r94-wm5v-4prx","reference_id":"GHSA-2r94-wm5v-4prx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2r94-wm5v-4prx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84773?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-27192","GHSA-2r94-wm5v-4prx"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6ss-8f4e-e7g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111185?format=json","vulnerability_id":"VCID-j77a-cqsd-wuf1","summary":"Magento Insufficient Session Expiration\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) do not adequately invalidate user sessions. Successful exploitation of this issue could lead to unauthorized access to restricted resources. Access to the admin console is not required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21032","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38019","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38109","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21032"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21032","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21032"},{"reference_url":"https://github.com/advisories/GHSA-4jfq-f8hc-775q","reference_id":"GHSA-4jfq-f8hc-775q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4jfq-f8hc-775q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21032","GHSA-4jfq-f8hc-775q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j77a-cqsd-wuf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112095?format=json","vulnerability_id":"VCID-jmhs-9u49-ekbj","summary":"Magento Insecure Direct Object Reference (IDOR) in the product module\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object reference (IDOR) in the product module. Successful exploitation could lead to unauthorized access to restricted resources.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21022","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35755","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35851","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21022"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21022","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21022"},{"reference_url":"https://github.com/advisories/GHSA-8pfq-g48p-x7w8","reference_id":"GHSA-8pfq-g48p-x7w8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8pfq-g48p-x7w8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21022","GHSA-8pfq-g48p-x7w8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jmhs-9u49-ekbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56645?format=json","vulnerability_id":"VCID-jr49-4fs3-8qcp","summary":"Improper Authorization vulnerability in Magento and Adobe Commerce\nAdobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434","reference_id":"","reference_type":"","scores":[{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44087","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24434"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434","reference_id":"CVE-2025-24434","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24434"},{"reference_url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c","reference_id":"GHSA-fppq-f2m6-xv5c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fppq-f2m6-xv5c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24434","GHSA-fppq-f2m6-xv5c"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jr49-4fs3-8qcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55678?format=json","vulnerability_id":"VCID-kezx-5nw5-hfen","summary":"Magento Improper Access Control Leads to Privilege escalation\nMagento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39414","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55365","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39414"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:42Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39414","reference_id":"CVE-2024-39414","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39414"},{"reference_url":"https://github.com/advisories/GHSA-x6f9-hv9r-fgq4","reference_id":"GHSA-x6f9-hv9r-fgq4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x6f9-hv9r-fgq4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39414","GHSA-x6f9-hv9r-fgq4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kezx-5nw5-hfen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55980?format=json","vulnerability_id":"VCID-kje4-asu6-dfg2","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24284","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45129"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:37Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129","reference_id":"CVE-2024-45129","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45129"},{"reference_url":"https://github.com/advisories/GHSA-m58h-998x-66f3","reference_id":"GHSA-m58h-998x-66f3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m58h-998x-66f3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45129","GHSA-m58h-998x-66f3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kje4-asu6-dfg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55359?format=json","vulnerability_id":"VCID-kq4m-anrt-rugn","summary":"Magento Open Source Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both confidentiality and integrity impact. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34104","reference_id":"","reference_type":"","scores":[{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70373","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34104"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/30877fce83b793f71421c47347885cf076e81799"},{"reference_url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a3c6d6e5e95e63031e4df26cfcf76feace7549c2"},{"reference_url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/c5c538810b87449886f4669cb8abbe8e5593c83c"},{"reference_url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/d10435b11ada4e502dca7539f8fd31d059d3c482"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-14T13:48:20Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-40.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34104","reference_id":"CVE-2024-34104","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34104"},{"reference_url":"https://github.com/advisories/GHSA-wwj3-573j-rvvm","reference_id":"GHSA-wwj3-573j-rvvm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wwj3-573j-rvvm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81855?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/81854?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-y4u6-cy8y-hyae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/81853?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p6"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"}],"aliases":["CVE-2024-34104","GHSA-wwj3-573j-rvvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kq4m-anrt-rugn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55676?format=json","vulnerability_id":"VCID-kuzc-uv5b-v7an","summary":"Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39409","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39409"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:11:00Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39409","reference_id":"CVE-2024-39409","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39409"},{"reference_url":"https://github.com/advisories/GHSA-rf4q-m23c-7q8r","reference_id":"GHSA-rf4q-m23c-7q8r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rf4q-m23c-7q8r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39409","GHSA-rf4q-m23c-7q8r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kuzc-uv5b-v7an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110012?format=json","vulnerability_id":"VCID-kyvw-d4e8-1fd4","summary":"Magento XML Injection vulnerability in the Widgets Module\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an XML Injection vulnerability in the Widgets Module. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34253","reference_id":"","reference_type":"","scores":[{"value":"0.37194","scoring_system":"epss","scoring_elements":"0.97252","published_at":"2026-06-04T12:55:00Z"},{"value":"0.37194","scoring_system":"epss","scoring_elements":"0.97256","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34253"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:06:06Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34253","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34253"},{"reference_url":"https://github.com/advisories/GHSA-cj7w-pm77-hvg6","reference_id":"GHSA-cj7w-pm77-hvg6","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cj7w-pm77-hvg6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34253","GHSA-cj7w-pm77-hvg6"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kyvw-d4e8-1fd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56626?format=json","vulnerability_id":"VCID-mhvf-2keh-2qar","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24417"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:50Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417","reference_id":"CVE-2025-24417","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24417"},{"reference_url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2","reference_id":"GHSA-g3j6-9753-8mp2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g3j6-9753-8mp2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24417","GHSA-g3j6-9753-8mp2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhvf-2keh-2qar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56646?format=json","vulnerability_id":"VCID-mjb6-7au8-5fdx","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24414"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:45Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414","reference_id":"CVE-2025-24414","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24414"},{"reference_url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv","reference_id":"GHSA-fhw6-3mj5-w9gv","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fhw6-3mj5-w9gv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24414","GHSA-fhw6-3mj5-w9gv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mjb6-7au8-5fdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111534?format=json","vulnerability_id":"VCID-mtes-xpe5-qkdj","summary":"Magento 2 Community Edition RCE via Unsafe File Upload\nMagento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be abused by authenticated users with administrative permissions to the System/Data and Transfer/Import components.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24407","reference_id":"","reference_type":"","scores":[{"value":"0.03057","scoring_system":"epss","scoring_elements":"0.86957","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03057","scoring_system":"epss","scoring_elements":"0.86979","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24407"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24407","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24407"},{"reference_url":"https://github.com/advisories/GHSA-7pxg-6p87-8c9v","reference_id":"GHSA-7pxg-6p87-8c9v","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7pxg-6p87-8c9v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78954?format=json","purl":"pkg:composer/magento/community-edition@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1"}],"aliases":["CVE-2020-24407","GHSA-7pxg-6p87-8c9v"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mtes-xpe5-qkdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110022?format=json","vulnerability_id":"VCID-mzsj-dck5-pqc5","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker with admin privileges to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34258","reference_id":"","reference_type":"","scores":[{"value":"0.16184","scoring_system":"epss","scoring_elements":"0.94937","published_at":"2026-06-05T12:55:00Z"},{"value":"0.16184","scoring_system":"epss","scoring_elements":"0.94929","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34258"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:10Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34258","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34258"},{"reference_url":"https://github.com/advisories/GHSA-5m55-g8pv-x8ww","reference_id":"GHSA-5m55-g8pv-x8ww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5m55-g8pv-x8ww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34258","GHSA-5m55-g8pv-x8ww"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzsj-dck5-pqc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111283?format=json","vulnerability_id":"VCID-nm39-k1su-yyep","summary":"Magento vulnerable to a file upload restriction bypass\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21014","reference_id":"","reference_type":"","scores":[{"value":"0.00372","scoring_system":"epss","scoring_elements":"0.59284","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00372","scoring_system":"epss","scoring_elements":"0.59335","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21014"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497"},{"reference_url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21014","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21014"},{"reference_url":"https://github.com/advisories/GHSA-269w-pqc7-68q9","reference_id":"GHSA-269w-pqc7-68q9","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-269w-pqc7-68q9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58955?format=json","purl":"pkg:composer/magento/community-edition@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2"}],"aliases":["CVE-2021-21014","GHSA-269w-pqc7-68q9"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nm39-k1su-yyep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55991?format=json","vulnerability_id":"VCID-ns8t-vtcn-aqh4","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33831","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45149"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:46Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149","reference_id":"CVE-2024-45149","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45149"},{"reference_url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw","reference_id":"GHSA-w7rg-7wq2-pjrw","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w7rg-7wq2-pjrw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45149","GHSA-w7rg-7wq2-pjrw"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ns8t-vtcn-aqh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53774?format=json","vulnerability_id":"VCID-px1s-dzpe-qbfx","summary":"Path Traversal\nWhen in maintenance mode, Magento This information could be helpful to attackers if they are able to identify other exploitable vulnerabilities in the environment.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24406","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53026","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53086","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24406","reference_id":"CVE-2020-24406","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24406"},{"reference_url":"https://github.com/advisories/GHSA-mr8q-7f5j-wc79","reference_id":"GHSA-mr8q-7f5j-wc79","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mr8q-7f5j-wc79"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78954?format=json","purl":"pkg:composer/magento/community-edition@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1"}],"aliases":["CVE-2020-24406","GHSA-mr8q-7f5j-wc79"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-px1s-dzpe-qbfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110030?format=json","vulnerability_id":"VCID-pxxm-ce8x-abdq","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34259","reference_id":"","reference_type":"","scores":[{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46059","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46128","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34259"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:18Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34259","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34259"},{"reference_url":"https://github.com/advisories/GHSA-9wjf-94h3-r4rh","reference_id":"GHSA-9wjf-94h3-r4rh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9wjf-94h3-r4rh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34259","GHSA-9wjf-94h3-r4rh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pxxm-ce8x-abdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111241?format=json","vulnerability_id":"VCID-q4yr-fqww-tbb1","summary":"Magento incorrect user permissions vulnerability within the Inventory component\nMagento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the REST API.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24403","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40758","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40836","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24403"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24403","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24403"},{"reference_url":"https://github.com/advisories/GHSA-39rw-4m66-82gf","reference_id":"GHSA-39rw-4m66-82gf","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-39rw-4m66-82gf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78954?format=json","purl":"pkg:composer/magento/community-edition@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1"}],"aliases":["CVE-2020-24403","GHSA-39rw-4m66-82gf"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4yr-fqww-tbb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55997?format=json","vulnerability_id":"VCID-qgpx-hgzu-5qgp","summary":"Magento Open Source Improper Access Control vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30523","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45122"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:59:49Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122","reference_id":"CVE-2024-45122","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45122"},{"reference_url":"https://github.com/advisories/GHSA-46fm-x82m-5f74","reference_id":"GHSA-46fm-x82m-5f74","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-46fm-x82m-5f74"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45122","GHSA-46fm-x82m-5f74"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgpx-hgzu-5qgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56623?format=json","vulnerability_id":"VCID-qp7s-amch-v3cd","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to modify limited fields. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40477","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24435"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:16Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435","reference_id":"CVE-2025-24435","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24435"},{"reference_url":"https://github.com/advisories/GHSA-82p4-55gj-956p","reference_id":"GHSA-82p4-55gj-956p","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-82p4-55gj-956p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24435","GHSA-82p4-55gj-956p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qp7s-amch-v3cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111382?format=json","vulnerability_id":"VCID-qq42-4zzt-3kh2","summary":"Magento XPath Injection\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21025","reference_id":"","reference_type":"","scores":[{"value":"0.04724","scoring_system":"epss","scoring_elements":"0.8958","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04724","scoring_system":"epss","scoring_elements":"0.89597","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21025"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21025","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21025"},{"reference_url":"https://github.com/advisories/GHSA-h437-qjj9-vmq4","reference_id":"GHSA-h437-qjj9-vmq4","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h437-qjj9-vmq4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"}],"aliases":["CVE-2021-21025","GHSA-h437-qjj9-vmq4"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qq42-4zzt-3kh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53775?format=json","vulnerability_id":"VCID-qx68-8xvf-a7hy","summary":"Improper Authorization\nMagento This vulnerability could be abused by authenticated users to modify inventory stock data without authorization.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24405","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24864","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24405"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-59.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24405","reference_id":"CVE-2020-24405","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24405"},{"reference_url":"https://github.com/advisories/GHSA-p7m7-j8jv-393q","reference_id":"GHSA-p7m7-j8jv-393q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p7m7-j8jv-393q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/78954?format=json","purl":"pkg:composer/magento/community-edition@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1"}],"aliases":["CVE-2020-24405","GHSA-p7m7-j8jv-393q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qx68-8xvf-a7hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56642?format=json","vulnerability_id":"VCID-qzqd-271b-ybfj","summary":"Magento Information Exposure vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Information Exposure vulnerability that could result in privilege escalation. A low-privileged attacker could gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408","reference_id":"","reference_type":"","scores":[{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59659","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:13Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408","reference_id":"CVE-2025-24408","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24408"},{"reference_url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8","reference_id":"GHSA-3cfg-w257-cgf8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3cfg-w257-cgf8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24408","GHSA-3cfg-w257-cgf8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qzqd-271b-ybfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56633?format=json","vulnerability_id":"VCID-r4bw-w4t9-23ek","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40477","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24427"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:49:04Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427","reference_id":"CVE-2025-24427","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24427"},{"reference_url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg","reference_id":"GHSA-v3hq-g424-5mgg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v3hq-g424-5mgg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24427","GHSA-v3hq-g424-5mgg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4bw-w4t9-23ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55978?format=json","vulnerability_id":"VCID-rduw-apr6-4fdu","summary":"Magento Open Source Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An admin attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34443","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45135"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:00:24Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135","reference_id":"CVE-2024-45135","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45135"},{"reference_url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww","reference_id":"GHSA-8pxg-gcp4-57ww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8pxg-gcp4-57ww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45135","GHSA-8pxg-gcp4-57ww"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rduw-apr6-4fdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56630?format=json","vulnerability_id":"VCID-re84-qg3k-3ub3","summary":"Adobe Commerce Path Traversal\nAdobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.4666","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:51:36Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406","reference_id":"CVE-2025-24406","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24406"},{"reference_url":"https://github.com/advisories/GHSA-954p-ff72-327w","reference_id":"GHSA-954p-ff72-327w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-954p-ff72-327w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24406","GHSA-954p-ff72-327w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-re84-qg3k-3ub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55988?format=json","vulnerability_id":"VCID-rxac-w9pd-aqe1","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on confidentiality and integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3242","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45131"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:38Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131","reference_id":"CVE-2024-45131","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45131"},{"reference_url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm","reference_id":"GHSA-xc5p-773w-m3pm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc5p-773w-m3pm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45131","GHSA-xc5p-773w-m3pm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxac-w9pd-aqe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56635?format=json","vulnerability_id":"VCID-s4bp-kzfu-8qfy","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24412"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:41Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412","reference_id":"CVE-2025-24412","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24412"},{"reference_url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px","reference_id":"GHSA-m4rg-mpp2-97px","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m4rg-mpp2-97px"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24412","GHSA-m4rg-mpp2-97px"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s4bp-kzfu-8qfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56644?format=json","vulnerability_id":"VCID-scg7-ugdn-53b9","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424","reference_id":"","reference_type":"","scores":[{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24424"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424","reference_id":"CVE-2025-24424","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24424"},{"reference_url":"https://github.com/advisories/GHSA-539v-w87w-w62c","reference_id":"GHSA-539v-w87w-w62c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-539v-w87w-w62c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24424","GHSA-539v-w87w-w62c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scg7-ugdn-53b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111360?format=json","vulnerability_id":"VCID-sd6n-a9mk-aufb","summary":"Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies\nMagento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a DOM-based Cross-Site Scripting vulnerability on mage-messages cookies. Successful exploitation could lead to arbitrary JavaScript execution by an unauthenticated attacker. User interaction is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28556","reference_id":"","reference_type":"","scores":[{"value":"0.23863","scoring_system":"epss","scoring_elements":"0.96121","published_at":"2026-06-04T12:55:00Z"},{"value":"0.23863","scoring_system":"epss","scoring_elements":"0.96126","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28556"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28556","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28556"},{"reference_url":"https://github.com/advisories/GHSA-39ch-rg26-gmq5","reference_id":"GHSA-39ch-rg26-gmq5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-39ch-rg26-gmq5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58956?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1"}],"aliases":["CVE-2021-28556","GHSA-39ch-rg26-gmq5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sd6n-a9mk-aufb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55692?format=json","vulnerability_id":"VCID-shfz-pxan-v3ar","summary":"Magento Open Source Cross-Site Request Forgery vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor unauthorised actions on behalf of a user. The vulnerability could be exploited by tricking a victim into clicking a link or loading a page that submits a malicious request. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39408","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67001","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39408"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:09:17Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39408","reference_id":"CVE-2024-39408","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39408"},{"reference_url":"https://github.com/advisories/GHSA-4cj6-f32v-6hgx","reference_id":"GHSA-4cj6-f32v-6hgx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4cj6-f32v-6hgx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39408","GHSA-4cj6-f32v-6hgx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-shfz-pxan-v3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54061?format=json","vulnerability_id":"VCID-spjd-9z79-jueh","summary":"OS Command Injection\nMagento is vulnerable to an OS command injection via the customer attribute save controller. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21015","reference_id":"","reference_type":"","scores":[{"value":"0.04856","scoring_system":"epss","scoring_elements":"0.89727","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04856","scoring_system":"epss","scoring_elements":"0.89743","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21015"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497"},{"reference_url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21015","reference_id":"CVE-2021-21015","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21015"},{"reference_url":"https://github.com/advisories/GHSA-w2p4-2c8c-2g7h","reference_id":"GHSA-w2p4-2c8c-2g7h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w2p4-2c8c-2g7h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/58955?format=json","purl":"pkg:composer/magento/community-edition@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2"}],"aliases":["CVE-2021-21015","GHSA-w2p4-2c8c-2g7h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-spjd-9z79-jueh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56624?format=json","vulnerability_id":"VCID-te3b-exz5-zke1","summary":"Magento Stored Cross-Site Scripting (XSS) Vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24415"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415","reference_id":"CVE-2025-24415","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24415"},{"reference_url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r","reference_id":"GHSA-gc27-rvvm-q77r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gc27-rvvm-q77r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24415","GHSA-gc27-rvvm-q77r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-te3b-exz5-zke1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56627?format=json","vulnerability_id":"VCID-tvz9-8s4d-gbg6","summary":"Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a security feature bypass. An attacker could exploit this race condition to alter a condition after it has been checked but before it is used, potentially bypassing security mechanisms. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27789","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24430"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:47Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430","reference_id":"CVE-2025-24430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24430"},{"reference_url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq","reference_id":"GHSA-6w27-c66f-gvhq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6w27-c66f-gvhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24430","GHSA-6w27-c66f-gvhq"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tvz9-8s4d-gbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55992?format=json","vulnerability_id":"VCID-txb3-ez5r-r7ek","summary":"Magento Open Source Improper Input Validation vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended directories via PHP filter chain and also can have a low-availability impact on the service. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49631","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45117"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:07:29Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117","reference_id":"CVE-2024-45117","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L"},{"value":"6.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45117"},{"reference_url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g","reference_id":"GHSA-3fr3-gcqh-3m2g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3fr3-gcqh-3m2g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45117","GHSA-3fr3-gcqh-3m2g"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txb3-ez5r-r7ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111540?format=json","vulnerability_id":"VCID-u2hc-27c2-1udc","summary":"Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats\nMagento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful exploitation could allow an attacker to get unauthorized access to restricted resources.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28583","reference_id":"","reference_type":"","scores":[{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67609","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.6765","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28583"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28583","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28583"},{"reference_url":"https://github.com/advisories/GHSA-7gh6-f4jh-3crq","reference_id":"GHSA-7gh6-f4jh-3crq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7gh6-f4jh-3crq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58956?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1"}],"aliases":["CVE-2021-28583","GHSA-7gh6-f4jh-3crq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u2hc-27c2-1udc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55985?format=json","vulnerability_id":"VCID-ugyc-gehq-rudu","summary":"Magento Open Source Incorrect Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a low impact on integrity. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21314","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45125"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:06:28Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125","reference_id":"CVE-2024-45125","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45125"},{"reference_url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh","reference_id":"GHSA-xg36-8c2v-jpxh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xg36-8c2v-jpxh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45125","GHSA-xg36-8c2v-jpxh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugyc-gehq-rudu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109934?format=json","vulnerability_id":"VCID-vcdk-gdky-7fdg","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34257","reference_id":"","reference_type":"","scores":[{"value":"0.00769","scoring_system":"epss","scoring_elements":"0.7387","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00769","scoring_system":"epss","scoring_elements":"0.73906","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34257"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:05:02Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34257","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34257"},{"reference_url":"https://github.com/advisories/GHSA-rg7p-wmgj-f374","reference_id":"GHSA-rg7p-wmgj-f374","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rg7p-wmgj-f374"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34257","GHSA-rg7p-wmgj-f374"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vcdk-gdky-7fdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111584?format=json","vulnerability_id":"VCID-ve4u-d5rz-wyab","summary":"Magento OS command injection via the WebAPI\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to OS command injection via the WebAPI. Successful exploitation could lead to remote code execution by an authenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21016","reference_id":"","reference_type":"","scores":[{"value":"0.04449","scoring_system":"epss","scoring_elements":"0.89248","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04449","scoring_system":"epss","scoring_elements":"0.89266","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21016"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497"},{"reference_url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21016","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21016"},{"reference_url":"https://github.com/advisories/GHSA-792f-c8mp-2cr5","reference_id":"GHSA-792f-c8mp-2cr5","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-792f-c8mp-2cr5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58955?format=json","purl":"pkg:composer/magento/community-edition@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2"}],"aliases":["CVE-2021-21016","GHSA-792f-c8mp-2cr5"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ve4u-d5rz-wyab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109923?format=json","vulnerability_id":"VCID-vp8y-y64r-wkc9","summary":"Magento Improper Authorization vulnerability\nAdobe Commerce versions 2.4.3-p2 (and earlier), 2.3.7-p3 (and earlier) and 2.4.4 (and earlier) are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34256","reference_id":"","reference_type":"","scores":[{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61564","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61612","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34256"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/246d524b7586af2245092008e0d92b8d6fdd8523"},{"reference_url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5548bc64b5bc904346c0af9193a7fbb5274b4efa"},{"reference_url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/5f07eba878296a37bd5c3a2baecad48948547594"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:06:22Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-38.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34256","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34256"},{"reference_url":"https://github.com/advisories/GHSA-r7mm-grf3-5fjv","reference_id":"GHSA-r7mm-grf3-5fjv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r7mm-grf3-5fjv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/144517?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/64404?format=json","purl":"pkg:composer/magento/community-edition@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/64406?format=json","purl":"pkg:composer/magento/community-edition@2.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2h52-3pt6-dfcw"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3et4-3zad-1qfn"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-525q-afzj-tkcp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7ewa-w75h-qfdy"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-7s7e-adr6-h3dc"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-az2w-5xhy-5fe4"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cgwk-hn4t-n7c1"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d2ab-j8bf-e7dx"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-dx43-89w9-a7dg"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fzam-yuyg-qyd5"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hh8a-mgkk-3yb5"},{"vulnerability":"VCID-j124-q39m-mkby"},{"vulnerability":"VCID-j5vp-2jrx-ukf4"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jhd5-tqph-3ufu"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-msac-ptqf-pyg1"},{"vulnerability":"VCID-mtr5-suag-2bdj"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p222-28c1-vfhy"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-upcj-z3c1-ubcf"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w3zd-fezc-nuhd"},{"vulnerability":"VCID-wjfe-wh5k-1qft"},{"vulnerability":"VCID-ws6y-k3tx-r3gb"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-x46d-a16g-nkg9"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yuvf-e7hk-kqf9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5"}],"aliases":["CVE-2022-34256","GHSA-r7mm-grf3-5fjv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vp8y-y64r-wkc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55979?format=json","vulnerability_id":"VCID-vu36-a1g1-nugt","summary":"Magento Open Source Improper Authorization vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect confidentiality. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32354","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45132"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:02:03Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132","reference_id":"CVE-2024-45132","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45132"},{"reference_url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm","reference_id":"GHSA-5f64-ppmg-cvvm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5f64-ppmg-cvvm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45132","GHSA-5f64-ppmg-cvvm"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vu36-a1g1-nugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55996?format=json","vulnerability_id":"VCID-vx13-4b1d-wbgp","summary":"Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability to alter a condition between the check and the use of a resource, having a low impact on integrity. Exploitation of this issue requires user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2257","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45120"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:01:07Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120","reference_id":"CVE-2024-45120","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45120"},{"reference_url":"https://github.com/advisories/GHSA-47jp-46c9-25vf","reference_id":"GHSA-47jp-46c9-25vf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-47jp-46c9-25vf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45120","GHSA-47jp-46c9-25vf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vx13-4b1d-wbgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111309?format=json","vulnerability_id":"VCID-w4uu-k7nk-a7hr","summary":"Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API\nMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a cross-site request forgery (CSRF) vulnerability via the GraphQL API. Successful exploitation could lead to unauthorized modification of customer metadata by an unauthenticated attacker. Access to the admin console is not required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21027","reference_id":"","reference_type":"","scores":[{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58918","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.58965","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21027"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497"},{"reference_url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21027","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21027"},{"reference_url":"https://github.com/advisories/GHSA-h4xc-577p-hgj9","reference_id":"GHSA-h4xc-577p-hgj9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h4xc-577p-hgj9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58955?format=json","purl":"pkg:composer/magento/community-edition@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2"}],"aliases":["CVE-2021-21027","GHSA-h4xc-577p-hgj9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w4uu-k7nk-a7hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111983?format=json","vulnerability_id":"VCID-wbt5-q9qd-8kby","summary":"Magento Path Traversal vulnerability\nMagento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28584","reference_id":"","reference_type":"","scores":[{"value":"0.00574","scoring_system":"epss","scoring_elements":"0.69125","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00574","scoring_system":"epss","scoring_elements":"0.69164","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28584"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28584","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28584"},{"reference_url":"https://github.com/advisories/GHSA-7gpv-xrjr-f5h4","reference_id":"GHSA-7gpv-xrjr-f5h4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7gpv-xrjr-f5h4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58956?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1"}],"aliases":["CVE-2021-28584","GHSA-7gpv-xrjr-f5h4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wbt5-q9qd-8kby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55990?format=json","vulnerability_id":"VCID-wvyx-2bbb-9yf7","summary":"Magento Open Source Information Exposure vulnerability\nMagento Open Source  versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28716","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45133"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:54:05Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133","reference_id":"CVE-2024-45133","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45133"},{"reference_url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg","reference_id":"GHSA-j3mh-wx5f-2vhg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j3mh-wx5f-2vhg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45133","GHSA-j3mh-wx5f-2vhg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wvyx-2bbb-9yf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112088?format=json","vulnerability_id":"VCID-xbhh-m11c-gkeu","summary":"Magento Improper input validation vulnerability\nMagento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by an Improper input validation vulnerability in the New customer WebAPI.Successful exploitation could allow an attacker to send unsolicited spam e-mails.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28585","reference_id":"","reference_type":"","scores":[{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.57907","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00353","scoring_system":"epss","scoring_elements":"0.5796","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28585"},{"reference_url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28585","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28585"},{"reference_url":"https://github.com/advisories/GHSA-c38m-9668-6j2w","reference_id":"GHSA-c38m-9668-6j2w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c38m-9668-6j2w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58956?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1"}],"aliases":["CVE-2021-28585","GHSA-c38m-9668-6j2w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xbhh-m11c-gkeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57099?format=json","vulnerability_id":"VCID-xfvu-2zg4-ruf6","summary":"Magento Improper Authorization vulnerability\nMagento versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27188","reference_id":"","reference_type":"","scores":[{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36319","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27188"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T20:53:30Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-26.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27188","reference_id":"CVE-2025-27188","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27188"},{"reference_url":"https://github.com/advisories/GHSA-rr2g-rrjj-xw86","reference_id":"GHSA-rr2g-rrjj-xw86","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rr2g-rrjj-xw86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84773?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p13"},{"url":"http://public2.vulnerablecode.io/api/packages/84774?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84775?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/84776?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p5"},{"url":"http://public2.vulnerablecode.io/api/packages/70851?format=json","purl":"pkg:composer/magento/community-edition@2.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fzm9-e6bg-r7aw"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8"}],"aliases":["CVE-2025-27188","GHSA-rr2g-rrjj-xw86"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfvu-2zg4-ruf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55981?format=json","vulnerability_id":"VCID-xk5y-7a1w-zba9","summary":"Magento Open Source Server-Side Request Forgery (SSRF) vulnerability\nAdobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119","reference_id":"","reference_type":"","scores":[{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57712","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45119"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:58:44Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119","reference_id":"CVE-2024-45119","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45119"},{"reference_url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj","reference_id":"GHSA-g9fm-wc6h-pvgj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g9fm-wc6h-pvgj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45119","GHSA-g9fm-wc6h-pvgj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5y-7a1w-zba9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56640?format=json","vulnerability_id":"VCID-xsq8-ztqh-ubb8","summary":"Magento stored Cross-Site Scripting (XSS) vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438","reference_id":"","reference_type":"","scores":[{"value":"0.04462","scoring_system":"epss","scoring_elements":"0.89292","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24438"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T04:55:43Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438","reference_id":"CVE-2025-24438","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24438"},{"reference_url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4","reference_id":"GHSA-8884-7rm9-mrx4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8884-7rm9-mrx4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24438","GHSA-8884-7rm9-mrx4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsq8-ztqh-ubb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55987?format=json","vulnerability_id":"VCID-y1v3-9tyq-uqhd","summary":"Magento Open Source Information Exposure vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in further attacks. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30677","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45134"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T14:05:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134","reference_id":"CVE-2024-45134","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45134"},{"reference_url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g","reference_id":"GHSA-4f89-5cwm-rm5g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4f89-5cwm-rm5g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45134","GHSA-4f89-5cwm-rm5g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y1v3-9tyq-uqhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55696?format=json","vulnerability_id":"VCID-y4u6-cy8y-hyae","summary":"Magento Open Source Path Traversal vulnerability\nMagento Open Source versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to gain access to files and directories that are outside the restricted directory. Exploitation of this issue does not require user interaction and scope is changed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39406","reference_id":"","reference_type":"","scores":[{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76318","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39406"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-14T14:12:23Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-61.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39406","reference_id":"CVE-2024-39406","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39406"},{"reference_url":"https://github.com/advisories/GHSA-6pxh-2557-5cj5","reference_id":"GHSA-6pxh-2557-5cj5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6pxh-2557-5cj5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82410?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82409?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/82408?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p7"},{"url":"http://public2.vulnerablecode.io/api/packages/67320?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4dae-vty8-b7hk"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6p6q-ctya-q3bv"},{"vulnerability":"VCID-6t9w-cnkz-s3c3"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7hrm-jtbx-sqgm"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8msu-s38a-p7e3"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9cc9-npdc-8bac"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a8gs-ervm-e3hm"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-agtm-nkhp-dkdn"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b4jg-dj1a-9qd5"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-cc8x-6es1-8kc5"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-dpgz-dacm-sqg6"},{"vulnerability":"VCID-e9zx-zy9y-2fcp"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kxnm-y19k-mqg2"},{"vulnerability":"VCID-m5z8-hz81-j7b7"},{"vulnerability":"VCID-m83v-51cy-uqar"},{"vulnerability":"VCID-md7v-w5aq-t7h1"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qfw5-3tdu-x7g4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qj4x-u7gx-9uf1"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-r7nh-arcj-8fb3"},{"vulnerability":"VCID-rbjk-3gcs-2qb5"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rf6p-ct86-5bgz"},{"vulnerability":"VCID-ruru-fwmn-5kes"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-s5e2-d6n8-kkbr"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-tc3m-4bkg-qkcf"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4r1-yr69-uuf6"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zt9b-9sjx-7qb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-beta1"},{"url":"http://public2.vulnerablecode.io/api/packages/82407?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p2"}],"aliases":["CVE-2024-39406","GHSA-6pxh-2557-5cj5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4u6-cy8y-hyae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56641?format=json","vulnerability_id":"VCID-y7x4-664r-3fbk","summary":"Magento Improper Access Control vulnerability\nAdobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35372","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24436"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-11T18:48:53Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb25-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436","reference_id":"CVE-2025-24436","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-24436"},{"reference_url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8","reference_id":"GHSA-ghpr-6qhr-rpp8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-ghpr-6qhr-rpp8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/84086?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p12"},{"url":"http://public2.vulnerablecode.io/api/packages/84085?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/84084?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p9"},{"url":"http://public2.vulnerablecode.io/api/packages/84083?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p4"},{"url":"http://public2.vulnerablecode.io/api/packages/84090?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xfvu-2zg4-ruf6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta2"}],"aliases":["CVE-2025-24436","GHSA-ghpr-6qhr-rpp8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7x4-664r-3fbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54681?format=json","vulnerability_id":"VCID-yvcy-4e8m-p3b8","summary":"Improper Authorization\nAn authorization flaw was found in Magento. Successful exploitation could lead to unauthorized modification of customer data by an unauthenticated attacker. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28563","reference_id":"","reference_type":"","scores":[{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49348","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49287","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28563"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695"},{"reference_url":"https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/ed952726c94e401e922e88490e41a536f2d850e7"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-30.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28563","reference_id":"CVE-2021-28563","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28563"},{"reference_url":"https://github.com/advisories/GHSA-q9xx-4689-gvv5","reference_id":"GHSA-q9xx-4689-gvv5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q9xx-4689-gvv5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58956?format=json","purl":"pkg:composer/magento/community-edition@2.4.2-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1"}],"aliases":["CVE-2021-28563","GHSA-q9xx-4689-gvv5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yvcy-4e8m-p3b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55983?format=json","vulnerability_id":"VCID-z2v2-n138-6ydv","summary":"Magento Open Source stored Cross-Site Scripting (XSS) vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127","reference_id":"","reference_type":"","scores":[{"value":"0.01887","scoring_system":"epss","scoring_elements":"0.83543","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45127"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:55:55Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127","reference_id":"CVE-2024-45127","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45127"},{"reference_url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2","reference_id":"GHSA-c89g-gq5r-2xw2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c89g-gq5r-2xw2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45127","GHSA-c89g-gq5r-2xw2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2v2-n138-6ydv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55995?format=json","vulnerability_id":"VCID-zdpz-8tc2-6kah","summary":"Magento Open Source Improper Authorization vulnerability\nMagento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact on integrity and availability. Exploitation of this issue does not require user interaction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13975","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45128"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T13:53:58Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb24-73.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128","reference_id":"CVE-2024-45128","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45128"},{"reference_url":"https://github.com/advisories/GHSA-qpp7-742q-58j3","reference_id":"GHSA-qpp7-742q-58j3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qpp7-742q-58j3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82921?format=json","purl":"pkg:composer/magento/community-edition@2.4.4-p11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p11"},{"url":"http://public2.vulnerablecode.io/api/packages/82920?format=json","purl":"pkg:composer/magento/community-edition@2.4.5-p10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p10"},{"url":"http://public2.vulnerablecode.io/api/packages/82919?format=json","purl":"pkg:composer/magento/community-edition@2.4.6-p8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6-p8"},{"url":"http://public2.vulnerablecode.io/api/packages/82918?format=json","purl":"pkg:composer/magento/community-edition@2.4.7-p3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.7-p3"},{"url":"http://public2.vulnerablecode.io/api/packages/70850?format=json","purl":"pkg:composer/magento/community-edition@2.4.8-beta1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1jsp-392b-2fgb"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3g5s-hryc-5qa9"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-cafy-5dd8-rudj"},{"vulnerability":"VCID-ccx1-qacj-2qev"},{"vulnerability":"VCID-cm2a-1yc5-v3cy"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dj5a-35gt-u7dn"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-eygc-ra9u-gyej"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qrwc-3gsb-zkfy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-th7y-aj51-mbaj"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-tzug-ckkn-dyft"},{"vulnerability":"VCID-wzu6-rbsv-mkde"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yyq6-dvyx-3bb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.8-beta1"}],"aliases":["CVE-2024-45128","GHSA-qpp7-742q-58j3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdpz-8tc2-6kah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42472?format=json","vulnerability_id":"VCID-zkkk-5q62-ubca","summary":"Magento improper input validation vulnerability\nAdobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24086","reference_id":"","reference_type":"","scores":[{"value":"0.93696","scoring_system":"epss","scoring_elements":"0.99857","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24086"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb22-12.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2024-02-27T18:35:53Z/"}],"url":"https://helpx.adobe.com/security/products/magento/apsb22-12.html"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24086","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24086"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24086","reference_id":"CVE-2022-24086","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24086"},{"reference_url":"https://github.com/advisories/GHSA-f8fv-f786-9933","reference_id":"GHSA-f8fv-f786-9933","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f8fv-f786-9933"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60734?format=json","purl":"pkg:composer/magento/community-edition@2.4.3-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/66998?format=json","purl":"pkg:composer/magento/community-edition@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-5wfa-wpby-dke1"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fyh6-gupt-eqgm"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hd53-pxmk-ruap"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-y93w-2qcc-wqg8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.3"}],"aliases":["CVE-2022-24086","GHSA-f8fv-f786-9933"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkkk-5q62-ubca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54062?format=json","vulnerability_id":"VCID-zubf-dqv7-xkf3","summary":"Cross-site Scripting\nMagento is vulnerable to Cross-Site Scripting in the admin console. Successful exploitation could lead to arbitrary JavaScript execution in the victim's browser. Access to the admin console is required for successful exploitation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21029","reference_id":"","reference_type":"","scores":[{"value":"0.43501","scoring_system":"epss","scoring_elements":"0.97581","published_at":"2026-06-04T12:55:00Z"},{"value":"0.43501","scoring_system":"epss","scoring_elements":"0.97586","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21029"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a2eb7e29ea92a8bbc86c3b6b81b59d8533088497"},{"reference_url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/a349e022c9ae070e7da262021f9ef182105aa00b"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb21-08.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21029","reference_id":"CVE-2021-21029","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21029"},{"reference_url":"https://github.com/advisories/GHSA-jwxh-wj79-ccm6","reference_id":"GHSA-jwxh-wj79-ccm6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jwxh-wj79-ccm6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/79754?format=json","purl":"pkg:composer/magento/community-edition@2.4.1-p1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.1-p1"},{"url":"http://public2.vulnerablecode.io/api/packages/58955?format=json","purl":"pkg:composer/magento/community-edition@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2"}],"aliases":["CVE-2021-21029","GHSA-jwxh-wj79-ccm6"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zubf-dqv7-xkf3"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52901?format=json","vulnerability_id":"VCID-87ka-etbj-pfen","summary":"Cross-Site Request Forgery (CSRF)\nOpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the `fromkey protection` in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6 and 20.0.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15151","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25169","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25265","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15151"},{"reference_url":"https://github.com/OpenMage/magento-lts","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/OpenMage/magento-lts"},{"reference_url":"https://github.com/OpenMage/magento-lts/commit/7c526bc6a6a51b57a1bab4c60f104dc36cde347a","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/OpenMage/magento-lts/commit/7c526bc6a6a51b57a1bab4c60f104dc36cde347a"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-47.html","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-47.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15151","reference_id":"CVE-2020-15151","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15151"},{"reference_url":"https://github.com/advisories/GHSA-crf2-xm6x-46p6","reference_id":"GHSA-crf2-xm6x-46p6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-crf2-xm6x-46p6"},{"reference_url":"https://github.com/OpenMage/magento-lts/security/advisories/GHSA-crf2-xm6x-46p6","reference_id":"GHSA-crf2-xm6x-46p6","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/OpenMage/magento-lts/security/advisories/GHSA-crf2-xm6x-46p6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77892?format=json","purl":"pkg:composer/magento/community-edition@2.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/60732?format=json","purl":"pkg:composer/magento/community-edition@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1b6m-qfes-mqab"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8ape-agd1-s7hf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-c4mx-9727-nfgs"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-dqkx-knjf-47hh"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7k8-hmqe-wufh"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gyj5-abau-uyf6"},{"vulnerability":"VCID-h4nn-2mrj-g3ds"},{"vulnerability":"VCID-h64s-51sc-huga"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hufp-fajk-n7gu"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-j77a-cqsd-wuf1"},{"vulnerability":"VCID-jmhs-9u49-ekbj"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-px1s-dzpe-qbfx"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qq42-4zzt-3kh2"},{"vulnerability":"VCID-qx68-8xvf-a7hy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-spjd-9z79-jueh"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"},{"vulnerability":"VCID-zubf-dqv7-xkf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0"}],"aliases":["CVE-2020-15151","GHSA-crf2-xm6x-46p6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87ka-etbj-pfen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52847?format=json","vulnerability_id":"VCID-a5rz-y1hu-ubc6","summary":"Information Exposure Through Discrepancy\nMagento has an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9690","reference_id":"","reference_type":"","scores":[{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.6491","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0047","scoring_system":"epss","scoring_elements":"0.64953","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9690"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-47.html","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-47.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-9690","reference_id":"CVE-2020-9690","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-9690"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77753?format=json","purl":"pkg:composer/magento/community-edition@2.3.5-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1b6m-qfes-mqab"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-87ka-etbj-pfen"},{"vulnerability":"VCID-8ape-agd1-s7hf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-c4mx-9727-nfgs"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-dqkx-knjf-47hh"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7k8-hmqe-wufh"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-gyj5-abau-uyf6"},{"vulnerability":"VCID-h4nn-2mrj-g3ds"},{"vulnerability":"VCID-h64s-51sc-huga"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-hufp-fajk-n7gu"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-j77a-cqsd-wuf1"},{"vulnerability":"VCID-jmhs-9u49-ekbj"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-px1s-dzpe-qbfx"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qq42-4zzt-3kh2"},{"vulnerability":"VCID-qx68-8xvf-a7hy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-spjd-9z79-jueh"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"},{"vulnerability":"VCID-zubf-dqv7-xkf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/60732?format=json","purl":"pkg:composer/magento/community-edition@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1b6m-qfes-mqab"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8ape-agd1-s7hf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-c4mx-9727-nfgs"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-dqkx-knjf-47hh"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7k8-hmqe-wufh"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gyj5-abau-uyf6"},{"vulnerability":"VCID-h4nn-2mrj-g3ds"},{"vulnerability":"VCID-h64s-51sc-huga"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hufp-fajk-n7gu"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-j77a-cqsd-wuf1"},{"vulnerability":"VCID-jmhs-9u49-ekbj"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-px1s-dzpe-qbfx"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qq42-4zzt-3kh2"},{"vulnerability":"VCID-qx68-8xvf-a7hy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-spjd-9z79-jueh"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"},{"vulnerability":"VCID-zubf-dqv7-xkf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0"}],"aliases":["CVE-2020-9690","GHSA-xgp9-j48h-jjf9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a5rz-y1hu-ubc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52844?format=json","vulnerability_id":"VCID-tuw6-hdbp-yqb2","summary":"Incorrect Authorization\nMagento has a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9692","reference_id":"","reference_type":"","scores":[{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.82113","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01607","scoring_system":"epss","scoring_elements":"0.82083","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9692"},{"reference_url":"https://github.com/magento/magento2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2"},{"reference_url":"https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/magento/magento2/commit/9436781734e47c83e96977fa770d255217680d5e"},{"reference_url":"https://helpx.adobe.com/security/products/magento/apsb20-47.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://helpx.adobe.com/security/products/magento/apsb20-47.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-9692","reference_id":"CVE-2020-9692","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-9692"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77753?format=json","purl":"pkg:composer/magento/community-edition@2.3.5-p2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1b6m-qfes-mqab"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2g87-y8ek-xfdr"},{"vulnerability":"VCID-2ttz-k7d2-jucf"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-36ve-7wxt-z7fz"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-4cbe-djqs-tug1"},{"vulnerability":"VCID-4w1v-es9j-subp"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-69wt-c418-mubr"},{"vulnerability":"VCID-6mjf-p1d9-8qa1"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-87ka-etbj-pfen"},{"vulnerability":"VCID-8ape-agd1-s7hf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-8u5e-d6nx-3khc"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b5hn-f1qk-z7cu"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c1ta-jffg-cfg9"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-c4mx-9727-nfgs"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cfjt-51xj-qqdw"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-dqkx-knjf-47hh"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7k8-hmqe-wufh"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-er49-k3tc-ufcu"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-fz6y-fece-skgr"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gxnx-f2qh-3yf9"},{"vulnerability":"VCID-gyj5-abau-uyf6"},{"vulnerability":"VCID-h4nn-2mrj-g3ds"},{"vulnerability":"VCID-h64s-51sc-huga"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hspp-kw5e-akbr"},{"vulnerability":"VCID-hufp-fajk-n7gu"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-j77a-cqsd-wuf1"},{"vulnerability":"VCID-jmhs-9u49-ekbj"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kgws-xvjr-g7bv"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kv6x-nz1s-uuar"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-n5mn-3a8f-nbdb"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-nn21-hf8r-ykfd"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-p1py-xewy-7khn"},{"vulnerability":"VCID-p9qx-66yy-1kc1"},{"vulnerability":"VCID-pm85-dfg2-euep"},{"vulnerability":"VCID-px1s-dzpe-qbfx"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qq42-4zzt-3kh2"},{"vulnerability":"VCID-qx68-8xvf-a7hy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rgnq-s54v-vkdm"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-spjd-9z79-jueh"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w42y-yc7r-kqhp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wh14-k3ex-pubq"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-ze8y-4wfs-hbf9"},{"vulnerability":"VCID-zkkk-5q62-ubca"},{"vulnerability":"VCID-zubf-dqv7-xkf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.5-p2"},{"url":"http://public2.vulnerablecode.io/api/packages/60732?format=json","purl":"pkg:composer/magento/community-edition@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1b6m-qfes-mqab"},{"vulnerability":"VCID-1k4q-2ttb-13hd"},{"vulnerability":"VCID-2vsw-t8k2-4bfm"},{"vulnerability":"VCID-3zcy-b3th-ukhd"},{"vulnerability":"VCID-5gxr-xksz-5ydb"},{"vulnerability":"VCID-6tx4-wexr-fkbb"},{"vulnerability":"VCID-6wdt-8fbe-hkbe"},{"vulnerability":"VCID-7pr7-uqp1-sugt"},{"vulnerability":"VCID-7s3w-8dn6-jqh7"},{"vulnerability":"VCID-7s74-rdkp-vyaf"},{"vulnerability":"VCID-8ape-agd1-s7hf"},{"vulnerability":"VCID-8hx4-r8bb-n7ge"},{"vulnerability":"VCID-8ky6-w2nk-9bds"},{"vulnerability":"VCID-8shb-t5zp-rqbu"},{"vulnerability":"VCID-9vrt-uccb-myev"},{"vulnerability":"VCID-a9b6-tenb-afdw"},{"vulnerability":"VCID-apue-gaqy-n3cq"},{"vulnerability":"VCID-ayfe-5a7g-u7b7"},{"vulnerability":"VCID-b3cn-pjp3-4yhm"},{"vulnerability":"VCID-b9ry-u6qy-j7cc"},{"vulnerability":"VCID-bch8-kq49-skhm"},{"vulnerability":"VCID-bera-73sm-bbh7"},{"vulnerability":"VCID-bkpz-ratd-e7ab"},{"vulnerability":"VCID-bzyh-c5tm-j7dn"},{"vulnerability":"VCID-c4ms-3und-c7d1"},{"vulnerability":"VCID-c4mx-9727-nfgs"},{"vulnerability":"VCID-cae3-fgn1-83hu"},{"vulnerability":"VCID-cqjn-3z6n-sff1"},{"vulnerability":"VCID-d6mk-hg8h-7qbc"},{"vulnerability":"VCID-dpm5-tmsy-2bez"},{"vulnerability":"VCID-dqkx-knjf-47hh"},{"vulnerability":"VCID-du16-f2wp-t3cw"},{"vulnerability":"VCID-dur2-pfke-h7hf"},{"vulnerability":"VCID-e7k8-hmqe-wufh"},{"vulnerability":"VCID-e7zd-dn28-4bf1"},{"vulnerability":"VCID-eahe-s41f-ckc1"},{"vulnerability":"VCID-ed87-d3y2-wfck"},{"vulnerability":"VCID-egy6-nku7-zyap"},{"vulnerability":"VCID-evth-swm9-k3de"},{"vulnerability":"VCID-fgqe-h7ey-33bd"},{"vulnerability":"VCID-fz5y-um7w-63f4"},{"vulnerability":"VCID-gedj-39p5-ubd6"},{"vulnerability":"VCID-gxj9-a1hc-47de"},{"vulnerability":"VCID-gyj5-abau-uyf6"},{"vulnerability":"VCID-h4nn-2mrj-g3ds"},{"vulnerability":"VCID-h64s-51sc-huga"},{"vulnerability":"VCID-hbau-7tvg-cygz"},{"vulnerability":"VCID-hfbb-ax6r-tbaz"},{"vulnerability":"VCID-hq7k-qz7g-4bc2"},{"vulnerability":"VCID-hufp-fajk-n7gu"},{"vulnerability":"VCID-j6ss-8f4e-e7g2"},{"vulnerability":"VCID-j77a-cqsd-wuf1"},{"vulnerability":"VCID-jmhs-9u49-ekbj"},{"vulnerability":"VCID-jr49-4fs3-8qcp"},{"vulnerability":"VCID-kezx-5nw5-hfen"},{"vulnerability":"VCID-kje4-asu6-dfg2"},{"vulnerability":"VCID-kq4m-anrt-rugn"},{"vulnerability":"VCID-kuzc-uv5b-v7an"},{"vulnerability":"VCID-kyvw-d4e8-1fd4"},{"vulnerability":"VCID-mhvf-2keh-2qar"},{"vulnerability":"VCID-mjb6-7au8-5fdx"},{"vulnerability":"VCID-mtes-xpe5-qkdj"},{"vulnerability":"VCID-mzsj-dck5-pqc5"},{"vulnerability":"VCID-nm39-k1su-yyep"},{"vulnerability":"VCID-ns8t-vtcn-aqh4"},{"vulnerability":"VCID-px1s-dzpe-qbfx"},{"vulnerability":"VCID-pxxm-ce8x-abdq"},{"vulnerability":"VCID-q4yr-fqww-tbb1"},{"vulnerability":"VCID-qgpx-hgzu-5qgp"},{"vulnerability":"VCID-qp7s-amch-v3cd"},{"vulnerability":"VCID-qq42-4zzt-3kh2"},{"vulnerability":"VCID-qx68-8xvf-a7hy"},{"vulnerability":"VCID-qzqd-271b-ybfj"},{"vulnerability":"VCID-r4bw-w4t9-23ek"},{"vulnerability":"VCID-rduw-apr6-4fdu"},{"vulnerability":"VCID-re84-qg3k-3ub3"},{"vulnerability":"VCID-rxac-w9pd-aqe1"},{"vulnerability":"VCID-s4bp-kzfu-8qfy"},{"vulnerability":"VCID-scg7-ugdn-53b9"},{"vulnerability":"VCID-sd6n-a9mk-aufb"},{"vulnerability":"VCID-shfz-pxan-v3ar"},{"vulnerability":"VCID-spjd-9z79-jueh"},{"vulnerability":"VCID-te3b-exz5-zke1"},{"vulnerability":"VCID-tvz9-8s4d-gbg6"},{"vulnerability":"VCID-txb3-ez5r-r7ek"},{"vulnerability":"VCID-u2hc-27c2-1udc"},{"vulnerability":"VCID-ugyc-gehq-rudu"},{"vulnerability":"VCID-vcdk-gdky-7fdg"},{"vulnerability":"VCID-ve4u-d5rz-wyab"},{"vulnerability":"VCID-vp8y-y64r-wkc9"},{"vulnerability":"VCID-vu36-a1g1-nugt"},{"vulnerability":"VCID-vx13-4b1d-wbgp"},{"vulnerability":"VCID-w4uu-k7nk-a7hr"},{"vulnerability":"VCID-wbt5-q9qd-8kby"},{"vulnerability":"VCID-wvyx-2bbb-9yf7"},{"vulnerability":"VCID-xbhh-m11c-gkeu"},{"vulnerability":"VCID-xfvu-2zg4-ruf6"},{"vulnerability":"VCID-xk5y-7a1w-zba9"},{"vulnerability":"VCID-xsq8-ztqh-ubb8"},{"vulnerability":"VCID-y1v3-9tyq-uqhd"},{"vulnerability":"VCID-y4u6-cy8y-hyae"},{"vulnerability":"VCID-y7x4-664r-3fbk"},{"vulnerability":"VCID-yvcy-4e8m-p3b8"},{"vulnerability":"VCID-z2v2-n138-6ydv"},{"vulnerability":"VCID-zdpz-8tc2-6kah"},{"vulnerability":"VCID-zkkk-5q62-ubca"},{"vulnerability":"VCID-zubf-dqv7-xkf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0"}],"aliases":["CVE-2020-9692","GHSA-vqg7-8v6x-54rq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tuw6-hdbp-yqb2"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0"}